【安全通报】Nagios XI 多个安全…

Author:



近日,白帽汇安全研究院发现 Nagios XI 与 4 月 7 日发布的最新 5.6.13 版本修复了 CVE-2020-10819, CVE-2020-10820, CVE-2020-10821 跨站脚本漏洞。 Nagios XI 是一个企业级监测和报警方案。提供对所有关键任务基础架构组件的监视,包括应用程序,服务,操作系统,网络协议,系统指标和网络基础架构。 漏洞原理. 最新版本修复了在登录管理员帐号情况下,NRDP/NSCA 出站检查配置中的RCE漏洞;修复了在登录情况下的POST型跨站脚本漏洞(xss)三枚,相关漏洞编号:CVE-2020-10819,CVE-2020-10820,CVE….



Source link

You must be logged in to post a comment.

RELATED STORIES
Category Product Vulnerabilities

Cybersecurity firm Sophos hit by data breach, says ‘small subset’ of customers affected

November 26, 2020
Leading cyber security company Sophos has notified some customers via email about a data security...
Read More
Category Product Vulnerabilities

2020-29072 | LiquidFiles cross site scripting

November 25, 2020
CVSS Meta Temp Score CVSS is a standardized scoring system to determine possibilities of attacks....
Read More
Category Product Vulnerabilities

CologneBlue Skin up to 1.35 on MediaWiki qbfind Message CologneBlueTemplate.php cross site scripting

November 24, 2020
A vulnerability classified as problematic was found in CologneBlue Skin up to 1.35 on MediaWiki....
Read More
Category Product Vulnerabilities

GitHub fixes high severity security flaw spotted by Google (ZDNet Latest News)

November 23, 2020
GitHub fixes ‘high severity’ security flaw spotted by Google. Two weeks after Google disclosed a...
Read More
Category Product Vulnerabilities

CVE-2020-24365 Gemtek WRTM-127ACN 和 Gemtek WRTM-127×9 安全漏洞 -漏洞情报、漏洞详情、安全漏洞、CVE

November 22, 2020
[*] # Exploit Title: Gemtek WVRTM-127ACN 01.01.02.141 - Authenticated Arbitrary Command Injection # Date: 13/09/2020...
Read More
Category Product Vulnerabilities

SUSE: 2020:3477-1 important: postgresql96>

November 21, 2020
An update that fixes three vulnerabilities is now available. SUSE Security Update: Security update for...
Read More
Category Product Vulnerabilities

Odyssey jailbreak picks up support for iOS 13.5.1-13.7 thanks to new exploit

November 20, 2020
The Odyssey Team updated its iOS 13-centric Odyssey jailbreak tool at the crack of dawn...
Read More
Category Product Vulnerabilities

【安全通报】Drupal 远程代码执行漏洞(CVE-2020-13671)

November 19, 2020
Drupal是使用PHP语言编写的开源内容管理框架。 近日 Drupal官方发布安全更新,修复了 CVE-2020-13671 Drupal 远程代码执行漏洞。由于Drupal core 没有正确地处理上传文件中的某些文件名,攻击者通过上传恶意文件,在某些特定的配置下可能会被当作 php 解析,从而导致远程代码执行。Drupal 用户应尽快采取安全措施阻止漏洞攻击。 影响范围 Drupal 9.0.8; Drupal...
Read More
Category Product Vulnerabilities

Multiple vulnerabilities in Schneider Electric Interactive Graphical SCADA System

November 18, 2020
Risk High Patch available YES Number of vulnerabilities 9 CVE ID CVE-2020-7550CVE-2020-7551CVE-2020-7552CVE-2020-7553CVE-2020-7554CVE-2020-7555CVE-2020-7556CVE-2020-7557CVE-2020-7558 CWE ID CWE-119CWE-787CWE-125...
Read More
Category Product Vulnerabilities

Το update KB4586786 δημιουργεί σφάλμα στο Kerberos

November 17, 2020
Η Microsoft εργάζεται για τη διόρθωση ενός σφάλματος στο update KB4586786 που κυκλοφόρησε την προηγούμενη...
Read More
digitpol
scale
element-support
Call Center
+31 55 8448040
element-map
Location

Global

International Cyber Crime Investigation

Digitpol is licensed by the Ministry of Justice: Licence Number POB1557

©Digitpol. All images and content are copyright of Digitpol and can not be used, replicated or reproduced without written permission. 2019.

Privacy  /   Terms and Policy   /   Site map  /   Contact