CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-36366
https://notcve.org/view.php?id=CVE-2021-36366
Nagios XI before 5.8.5 incorrectly allows manage_services.sh wildcards. Nagios XI versiones anteriores a 5.8.5, permite incorrectamente los comodines de manage_services.sh • https://assets.nagios.com/downloads/nagiosxi/CHANGES-5.TXT https://www.nagios.com/downloads/nagios-xi/change-log •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-36365
https://notcve.org/view.php?id=CVE-2021-36365
Nagios XI before 5.8.5 has Incorrect Permission Assignment for repairmysql.sh. Nagios XI versiones anteriores a 5.8.5, presenta una Asignación de Permisos Incorrecta para el archivo repairmysql.sh • https://assets.nagios.com/downloads/nagiosxi/CHANGES-5.TXT https://www.nagios.com/downloads/nagios-xi/change-log • CWE-276: Incorrect Default Permissions •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-36364
https://notcve.org/view.php?id=CVE-2021-36364
Nagios XI before 5.8.5 incorrectly allows backup_xi.sh wildcards. Nagios XI versiones anteriores a 5.8.5, permite incorrectamente los comodines backup_xi.sh • https://assets.nagios.com/downloads/nagiosxi/CHANGES-5.TXT https://www.nagios.com/downloads/nagios-xi/change-log •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-36363
https://notcve.org/view.php?id=CVE-2021-36363
Nagios XI before 5.8.5 has Incorrect Permission Assignment for migrate.php. Nagios XI versiones anteriores a 5.8.5, presenta una Asignación de Permisos Incorrecta para el archivo migrate.php • https://assets.nagios.com/downloads/nagiosxi/CHANGES-5.TXT https://www.nagios.com/downloads/nagios-xi/change-log • CWE-276: Incorrect Default Permissions •
CVSS: 5.4EPSS: 9%CPEs: 1EXPL: 1CVE-2021-38156
https://notcve.org/view.php?id=CVE-2021-38156
In Nagios XI before 5.8.6, XSS exists in the dashboard page (/dashboards/#) when administrative users attempt to edit a dashboard. En Nagios XI versiones anteriores a 5.8.6, se presenta una vulnerabilidad de tipo XSS en la página del panel de control (/dashboards/#) cuando los usuarios administrativos intentan editar un panel de control • https://raxis.com/blog/cve-2021-38156 https://www.nagios.com/downloads/nagios-xi/change-log • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •