Detections
Analytics

CVE-2021-3273

high

Description

Nagios XI below 5.7 is affected by code injection in the /nagiosxi/admin/graphtemplates.php component. To exploit this vulnerability, someone must have an admin user account in Nagios XI's web system.

References

https://www.nagios.com/downloads/nagios-xi/change-log/

https://gist.github.com/leommxj/93edce6f8572cefe79a3d7da4389374e

Details

Source: Mitre, NVD

Published: 2021-02-25

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.2

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Severity: High