vulnerability
SUSE: CVE-2020-13977: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:N/I:P/A:N) | Jun 9, 2020 | May 13, 2021 | Oct 22, 2021 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:N/I:P/A:N)
Published
Jun 9, 2020
Added
May 13, 2021
Modified
Oct 22, 2021
Description
Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of the archivejson.cgi, objectjson.cgi, and statusjson.cgi files. NOTE: this vulnerability has been mistakenly associated with CVE-2020-1408.
Solutions
suse-upgrade-nagiossuse-upgrade-nagios-contribsuse-upgrade-nagios-develsuse-upgrade-nagios-theme-exfoliationsuse-upgrade-nagios-wwwsuse-upgrade-nagios-www-dch
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.