CVE-2007-5624

Cross-site scripting (XSS) vulnerability in Nagios 2.x before 2.10 allows remote attackers to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html
http://secunia.com/advisories/27316	Vendor Advisory
http://secunia.com/advisories/27980
http://www.mandriva.com/security/advisories?name=MDVSA-2008:067
http://www.nagios.org/development/changelog.php#2x_branch	Patch
http://www.securityfocus.com/bid/26152
http://www.vupen.com/english/advisories/2007/3567
https://bugzilla.redhat.com/show_bug.cgi?id=362791
https://bugzilla.redhat.com/show_bug.cgi?id=362801
https://exchange.xforce.ibmcloud.com/vulnerabilities/37350
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00125.html
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00161.html
http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html
http://secunia.com/advisories/27316	Vendor Advisory
http://secunia.com/advisories/27980
http://www.mandriva.com/security/advisories?name=MDVSA-2008:067
http://www.nagios.org/development/changelog.php#2x_branch	Patch
http://www.securityfocus.com/bid/26152
http://www.vupen.com/english/advisories/2007/3567
https://bugzilla.redhat.com/show_bug.cgi?id=362791
https://bugzilla.redhat.com/show_bug.cgi?id=362801
https://exchange.xforce.ibmcloud.com/vulnerabilities/37350
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00125.html
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00161.html

Configurations

Configuration 1 (hide)

cpe:2.3:a:nagios:nagios:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:38

Type	Values Removed	Values Added
References	~~() http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html -~~	() http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html -
References	~~() http://secunia.com/advisories/27316 - Vendor Advisory~~	() http://secunia.com/advisories/27316 - Vendor Advisory
References	~~() http://secunia.com/advisories/27980 -~~	() http://secunia.com/advisories/27980 -
References	~~() http://www.mandriva.com/security/advisories?name=MDVSA-2008:067 -~~	() http://www.mandriva.com/security/advisories?name=MDVSA-2008:067 -
References	~~() http://www.nagios.org/development/changelog.php#2x_branch - Patch~~	() http://www.nagios.org/development/changelog.php#2x_branch - Patch
References	~~() http://www.securityfocus.com/bid/26152 -~~	() http://www.securityfocus.com/bid/26152 -
References	~~() http://www.vupen.com/english/advisories/2007/3567 -~~	() http://www.vupen.com/english/advisories/2007/3567 -
References	~~() https://bugzilla.redhat.com/show_bug.cgi?id=362791 -~~	() https://bugzilla.redhat.com/show_bug.cgi?id=362791 -
References	~~() https://bugzilla.redhat.com/show_bug.cgi?id=362801 -~~	() https://bugzilla.redhat.com/show_bug.cgi?id=362801 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/37350 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/37350 -
References	~~() https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00125.html -~~	() https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00125.html -
References	~~() https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00161.html -~~	() https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00161.html -

Information

Published : 2007-10-23 16:46

Updated : 2024-11-21 00:38

NVD link : CVE-2007-5624

Mitre link : CVE-2007-5624

CVE.ORG link : CVE-2007-5624

JSON object : View

Products Affected

nagios

nagios

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

4.3 /10