Nagiosfusion
by Nagios
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-12501 | Med | 0.40 | 6.1 | 0.02 | Jun 16, 2018 | Nagios Fusion before 4.1.4 has XSS, aka TPS#13332-13335. | ||
| CVE-2020-28905 | 0.04 | — | 0.26 | May 24, 2021 | Improper Input Validation in Nagios Fusion 4.1.8 and earlier allows an authenticated attacker to execute remote code via table pagination. | |||
| CVE-2020-28906 | 0.00 | — | 0.05 | May 24, 2021 | Incorrect File Permissions in Nagios XI 5.7.5 and earlier and Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to root. Low-privileged users are able to modify files that are included (aka sourced) by scripts executed by root. |
- risk 0.40cvss 6.1epss 0.02
Nagios Fusion before 4.1.4 has XSS, aka TPS#13332-13335.
- CVE-2020-28905May 24, 2021risk 0.04cvss —epss 0.26
Improper Input Validation in Nagios Fusion 4.1.8 and earlier allows an authenticated attacker to execute remote code via table pagination.
- CVE-2020-28906May 24, 2021risk 0.00cvss —epss 0.05
Incorrect File Permissions in Nagios XI 5.7.5 and earlier and Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to root. Low-privileged users are able to modify files that are included (aka sourced) by scripts executed by root.