CVE-2020-28911

Incorrect Access Control in Nagios Fusion 4.1.8 and earlier allows low-privileged authenticated users to extract passwords used to manage fused servers via the test_server command in ajaxhelper.php.
Configurations

Configuration 1 (hide)

cpe:2.3:a:nagios:fusion:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-05-24 13:15

Updated : 2024-02-28 18:28


NVD link : CVE-2020-28911

Mitre link : CVE-2020-28911

CVE.ORG link : CVE-2020-28911


JSON object : View

Products Affected

nagios

  • fusion
CWE
CWE-922

Insecure Storage of Sensitive Information