vulnerability
SUSE: CVE-2020-13977: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:N/I:P/A:N) | Jun 9, 2020 | May 13, 2021 | Oct 22, 2021 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:N/I:P/A:N)
Published
Jun 9, 2020
Added
May 13, 2021
Modified
Oct 22, 2021
Description
Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of the archivejson.cgi, objectjson.cgi, and statusjson.cgi files. NOTE: this vulnerability has been mistakenly associated with CVE-2020-1408.
Solutions
suse-upgrade-nagiossuse-upgrade-nagios-contribsuse-upgrade-nagios-develsuse-upgrade-nagios-theme-exfoliationsuse-upgrade-nagios-wwwsuse-upgrade-nagios-www-dch
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.