ID:5369 - Exploit for Permissions, Privileges, and Access Controls in Nagios XI - CVE-2019-15949
Published: May 9, 2021
Nagios XI
Vulnerability description
The vulnerability allows a remote attacker to escalate privileges on the system.
The vulnerability exists because the getprofile.sh script in Nagios XI, which is invoked by downloading a system profile (profile.php?cmd=download), is executed as root via a passwordless sudo entry; the script executes check_plugin, which is owned by the nagios user. A remote privileged user can inject and execute arbitrary OS commands as root on the affected system.
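
An added example (not part of the original advisory and not Nagios code) that audits for the condition described above: a command run as root through a passwordless sudo entry that is, or names, a file a non-root user can modify. The function names, the one-line sudoers format it parses, the path-extraction heuristic and the placeholder path are assumptions of this example.

```python
import os
import re
import stat

def nopasswd_commands(sudoers_text):
    """Absolute command paths granted NOPASSWD in sudoers-style text."""
    cmds = []
    for line in sudoers_text.splitlines():
        line = line.split("#", 1)[0]          # drop trailing comments
        if "NOPASSWD:" not in line:
            continue
        for spec in line.split("NOPASSWD:", 1)[1].split(","):
            words = spec.split()
            if words and words[0].startswith("/"):
                cmds.append(words[0])
    return cmds

def referenced_paths(script_path):
    """Heuristic: existing absolute file paths named in a script's text."""
    with open(script_path, errors="replace") as fh:
        found = re.findall(r"(?<![\w.])/[\w./+-]+", fh.read())
    return sorted({p for p in found if os.path.isfile(p)})

def tamper_reasons(path, trusted_uids):
    """Why a user outside trusted_uids could modify or replace path."""
    reasons = []
    # Check the file itself and its parent directory (replacement by rename).
    for target in (path, os.path.dirname(os.path.abspath(path))):
        st = os.stat(target)
        if st.st_uid not in trusted_uids:
            reasons.append(f"{target} owned by uid {st.st_uid}")
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            reasons.append(f"{target} is group/world-writable")
    return reasons

def audit(sudoers_text, trusted_uids=frozenset({0})):
    """Map each risky file reachable from a NOPASSWD command to its reasons."""
    findings = {}
    for cmd in filter(os.path.isfile, nopasswd_commands(sudoers_text)):
        for path in [cmd] + referenced_paths(cmd):
            reasons = tamper_reasons(path, trusted_uids)
            if reasons:
                findings[path] = reasons
    return findings

if __name__ == "__main__":
    # Constructed entry with a placeholder path; pass real sudoers text on a host.
    print(audit("nagios ALL = NOPASSWD: /path/to/getprofile.sh *\n"))
```

Any finding means a file on the root execution path should be re-owned to root with group and world write removed, or dropped from the sudo entry.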