
Nagios XI 5.5.10: XSS to root RCE

Reference: Advisory #2019-009
Version: 1.0
Affected software: Nagios XI 5.5.10
Type: Remote Code Execution
CVE/CVSS: CVE-2019-9164, CVE-2019-9165, CVE-2019-9166, CVE-2019-9167, CVE-2019-9202, CVE-2019-9203, CVE-2019-9204

Sources

https://www.nagios.com/products/security/

Risks

Various critical vulnerabilities have been found in Nagios XI 5.5.10 and prior versions.

CERT.be recommends that system administrators upgrade to Nagios XI 5.5.11 or above, which includes all the fixes.

A Proof of Concept is available.

Recommended Actions

Upgrade to Nagios XI 5.5.11 or above. 

Upgrade Nagios IM component to version 2.2.7 or above.
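The two recommended actions above reduce to a version check against the first fixed releases (Nagios XI 5.5.11 and Nagios IM 2.2.7). The script below is an added example, not part of the CERT.be advisory or of Nagios' own tooling; it shows how to audit an inventory of Nagios XI and Nagios IM installs for versions still below those thresholds. The host names and the inventory list are constructed for the example, and versions are compared as integer tuples rather than strings so that 5.5.9 is correctly treated as older than 5.5.10.

```python
import re

# First fixed releases named in the advisory's "Recommended Actions".
FIXED_VERSIONS = {
    "Nagios XI": (5, 5, 11),
    "Nagios IM": (2, 2, 7),
}


def parse_version(text):
    """Parse a dotted version string into a tuple of ints.

    A leading 'v' and any trailing suffix such as '-rc1' are ignored.
    """
    m = re.match(r"\s*v?(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def is_vulnerable(product, version):
    """Return True when the installed version is below the first fixed release."""
    fixed = FIXED_VERSIONS[product]
    installed = parse_version(version)
    # Pad the shorter tuple with zeros so '5.5' compares as '5.5.0'.
    width = max(len(installed), len(fixed))
    installed += (0,) * (width - len(installed))
    fixed += (0,) * (width - len(fixed))
    # Tuple comparison is numeric per component, unlike a plain string compare.
    return installed < fixed


def audit(inventory):
    """inventory: iterable of (host, product, version).

    Returns the entries that still need the upgrade recommended by the advisory.
    """
    return [
        (host, product, version)
        for host, product, version in inventory
        if is_vulnerable(product, version)
    ]


# Constructed sample inventory (hypothetical hosts, not from the advisory).
SAMPLE_INVENTORY = [
    ("mon-01.example.internal", "Nagios XI", "5.5.10"),
    ("mon-02.example.internal", "Nagios XI", "5.5.11"),
    ("mon-03.example.internal", "Nagios XI", "5.5.9"),
    ("mon-01.example.internal", "Nagios IM", "2.2.6"),
    ("mon-02.example.internal", "Nagios IM", "2.2.7"),
]

if __name__ == "__main__":
    for host, product, version in audit(SAMPLE_INVENTORY):
        print(f"{host}: {product} {version} is below the fixed release, upgrade required")
```

Running the script on the sample inventory reports three entries (two Nagios XI installs and one Nagios IM install) as still needing the upgrade; a real inventory would be fed from whatever asset database or configuration management system tracks the Nagios hosts.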

More Information

Several vulnerabilities in Nagios XI 5.5.10 can be chained to give a remote attacker a root shell. The only precondition is that the attacker tricks an authenticated user who has "autodiscovery job" creation privileges into visiting a malicious URL.

References

https://www.nagios.com/downloads/nagios-xi/change-log/ 

https://www.shielder.it/blog/nagios-xi-5-5-10-xss-to-root-rce/