CVE-2019-15949
Severity: HIGH | CISA KEV | CVSS 8.8
Description
Nagios XI before 5.6.6 allows remote command execution as root. The exploit requires access to the server as the nagios user, or access as the admin user via the web interface. The getprofile.sh script, invoked by downloading a system profile (profile.php?cmd=download), is executed as root via a passwordless sudo entry; the script executes check_plugin, which is owned by the nagios user. A user logged into Nagios XI with permissions to modify plugins, or the nagios user on the server, can modify the check_plugin executable and insert malicious commands to execute as root.
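The flaw described above is a general pattern, not something specific to Nagios: a NOPASSWD sudo rule lets a low-privileged account run a script as root, and that script executes a file the same account (or a group it belongs to) can modify. The audit below is an added example, not Nagios code and not taken from any of the referenced exploits. It parses NOPASSWD targets out of a sudoers file, then lists every file those scripts reference by absolute path that is owned by someone other than the trusted owner or is group/other writable. The demo layout (a `getprofile.sh` stand-in, a group-writable `check_plugin`, a constructed sudoers line) is built in a temp directory by `build_demo` and is entirely constructed; it assumes GNU `stat -c` and paths made of `[A-Za-z0-9_./-]`.

```shell
#!/bin/sh
# Added example: audit the privilege-escalation pattern behind CVE-2019-15949.
# Assumptions: GNU stat (-c), absolute paths in the audited script consisting
# of [A-Za-z0-9_./-] only. All files below are constructed for the demo.
set -eu

# sudo_nopasswd_targets SUDOERS
# Print the command paths granted via "NOPASSWD:" in a sudoers file, one per line.
sudo_nopasswd_targets() {
    sed -n 's/.*NOPASSWD:[[:space:]]*//p' "$1" | tr ',' '\n' | awk 'NF {print $1}'
}

# audit_root_script SCRIPT TRUSTED_OWNER
# Print every existing file that SCRIPT references by absolute path and that an
# untrusted account could change: owned by someone other than TRUSTED_OWNER, or
# group/other writable. Exit status 1 if anything was printed, 0 otherwise.
audit_root_script() (
    script=$1 trusted=$2 found=0
    for path in $(grep -v '^#' "$script" | grep -oE '/[A-Za-z0-9_./-]+' | sort -u); do
        [ -f "$path" ] || continue
        owner=$(stat -c '%U' "$path")
        perm=$(stat -c '%A' "$path")            # e.g. -rwxrwxr-x
        gw=$(printf '%s' "$perm" | cut -c6)     # group write bit
        ow=$(printf '%s' "$perm" | cut -c9)     # other write bit
        if [ "$owner" != "$trusted" ] || [ "$gw" = w ] || [ "$ow" = w ]; then
            printf '%s owner=%s mode=%s\n' "$path" "$owner" "$perm"
            found=1
        fi
    done
    [ "$found" -eq 0 ]
)

# audit_sudoers SUDOERS TRUSTED_OWNER
# Audit every NOPASSWD target script; exit status 1 if any finding.
audit_sudoers() (
    rc=0
    for target in $(sudo_nopasswd_targets "$1"); do
        [ -f "$target" ] || continue
        audit_root_script "$target" "$2" || rc=1
    done
    [ "$rc" -eq 0 ]
)

# build_demo: constructed stand-in for the vulnerable layout, in a temp dir.
# Prints the path of the constructed sudoers file. Real systems use root as the
# trusted owner and /etc/sudoers plus /etc/sudoers.d/* as input.
build_demo() (
    d=$(mktemp -d)
    mkdir -p "$d/libexec"
    printf '#!/bin/sh\n%s/libexec/check_plugin\n%s/libexec/safe_helper\n' "$d" "$d" > "$d/getprofile.sh"
    printf '#!/bin/sh\necho ok\n' > "$d/libexec/check_plugin"
    printf '#!/bin/sh\necho ok\n' > "$d/libexec/safe_helper"
    chmod 755 "$d/getprofile.sh" "$d/libexec/safe_helper"
    chmod 775 "$d/libexec/check_plugin"         # writable by the plugin group: the weak spot
    printf 'nagios ALL=(root) NOPASSWD: %s/getprofile.sh\n' "$d" > "$d/sudoers"
    printf '%s\n' "$d/sudoers"
)

# Run with "demo" as the first argument to audit the constructed layout.
if [ "${1:-}" = demo ]; then
    audit_sudoers "$(build_demo)" "$(id -un)"
fi
```

Running `sh audit.sh demo` prints the group-writable `check_plugin` stand-in and exits 1, while `safe_helper` is not reported. On a real host the trusted owner is `root`; any hit means the sudo rule hands root to whoever can write that file, which is the fix Nagios XI 5.6.6 needed (the root-run script must only execute root-owned, non-writable files).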
CVE Details
CVSS v3.1 score: 8.8
Severity: HIGH
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: LOW
User interaction: NONE
Published: 2019-09-05
Last modified: 2025-11-06
Source: kev
Honeypot sightings: 0
CISA KEV
Vendor: Nagios
Product: Nagios XI
Vulnerability name: Nagios XI Remote Code Execution Vulnerability
Date added to KEV: 2021-11-03
Remediation due date: 2022-05-03
Known ransomware use: Unknown
Affected products
nagios:nagios_xi
Weaknesses (CWE)
CWE-78 (Improper Neutralization of Special Elements used in an OS Command)
References
http://packetstormsecurity.com/files/156676/Nagios-XI-Authenticated-Remote-Command-Execution.html (cve@mitre.org, af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/162158/Nagios-XI-getprofile.sh-Remote-Command-Execution.html (cve@mitre.org, af854a3a-2127-422b-91ae-364da2661108)
https://github.com/jakgibb/nagiosxi-root-rce-exploit (cve@mitre.org, af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-15949 (134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.