
New Nagios Software Bugs Could Let Hackers Take Over IT Infrastructures
2021-09-26 21:39

As many as 11 security vulnerabilities have been disclosed in Nagios network management systems, some of which could be chained to achieve pre-authenticated remote code execution with the highest privileges, as well as lead to credential theft and phishing attacks.

Industrial cybersecurity firm Claroty, which discovered the flaws, said flaws in tools such as Nagios make them an attractive target owing to their "oversight of core servers, devices, and other critical components in the enterprise network." The issues have since been fixed in updates released in August with Nagios XI 5.8.5 or above, Nagios XI Switch Wizard 2.5.7 or above, Nagios XI Docker Wizard 1.13 or above, and Nagios XI WatchGuard 1.4.8 or above.

Nagios Core is a popular open-source network health tool analogous to SolarWinds Network Performance Monitor that's used for keeping tabs on IT infrastructure for performance issues and sending alerts following the failure of mission-critical components.

Nagios XI, a proprietary web-based platform built atop Nagios Core, provides organizations with extended insight into their IT operations with scalable monitoring and a customizable high-level overview of hosts, services, and network devices.

Chief among the issues are two remote code execution flaws in Nagios XI Switch Wizard and Nagios XI WatchGuard Wizard, an SQL injection vulnerability in Nagios XI, and a server-side request forgery affecting Nagios XI Docker Wizard, as well as a post-authenticated RCE in Nagios XI's Auto-Discovery tool.

CVE-2021-37343 - A path traversal vulnerability exists in the AutoDiscovery component of Nagios XI below version 5.8.5 and could lead to post-authenticated RCE under the security context of the user running Nagios.


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/xeFHS3DnjBY/new-nagios-software-bugs-could-let.html

Related Vulnerability

DATE | CVE | VULNERABILITY TITLE | RISK
2021-08-13 | CVE-2021-37343 | Path Traversal vulnerability in Nagios XI | 6.5 (network, low complexity; vendor: nagios; CWE-22)
A path traversal vulnerability exists in the AutoDiscovery component of Nagios XI below version 5.8.5 and could lead to post-authenticated RCE under the security context of the user running Nagios.

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Nagios 15 20 74 47 22 163