← Voltar para CVEs
CVE-2019-15949
HIGHCISA KEV8.8
Descricao
Nagios XI before 5.6.6 allows remote command execution as root. The exploit requires access to the server as the nagios user, or access as the admin user via the web interface. The getprofile.sh script, invoked by downloading a system profile (profile.php?cmd=download), is executed as root via a passwordless sudo entry; the script executes check_plugin, which is owned by the nagios user. A user logged into Nagios XI with permissions to modify plugins, or the nagios user on the server, can modify the check_plugin executable and insert malicious commands to execute as root.
Detalhes CVE
Pontuacao CVSS v3.18.8
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosLOW
Interacao do usuarioNONE
Publicado9/5/2019
Ultima modificacao11/6/2025
Fontekev
Avistamentos honeypot0
CISA KEV
FornecedorNagios
ProdutoNagios XI
Nome da vulnerabilidadeNagios XI Remote Code Execution Vulnerability
Data inclusao KEV2021-11-03
Prazo de remediacao2022-05-03
Uso em ransomwareUnknown
Produtos afetados
nagios:nagios_xi
Fraquezas (CWE)
CWE-78CWE-78
Referencias
http://packetstormsecurity.com/files/156676/Nagios-XI-Authenticated-Remote-Command-Execution.html(cve@mitre.org)
http://packetstormsecurity.com/files/162158/Nagios-XI-getprofile.sh-Remote-Command-Execution.html(cve@mitre.org)
https://github.com/jakgibb/nagiosxi-root-rce-exploit(cve@mitre.org)
http://packetstormsecurity.com/files/156676/Nagios-XI-Authenticated-Remote-Command-Execution.html(af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/162158/Nagios-XI-getprofile.sh-Remote-Command-Execution.html(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/jakgibb/nagiosxi-root-rce-exploit(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-15949(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.