virus logo Intrusion Prevention

Nagios.XI.Alert.Cloud.XSS

description-logoDescription

This indicates an attack attempt to exploit a reflected Cross-site Scripting vulnerability in Nagios XI.
The vulnerability is due to insufficient validation of requests to index.php. A remote attacker may be able to exploit this to execute arbitrary script code within the context of an affected system.

affected-products-logoAffected Products

Nagios Enterprises Nagios XI 2012 R1.5b and prior

Impact logoImpact

System Compromise: Remote attackers can execute arbitrary script code within the context of the affected site.

recomended-action-logoRecommended Actions

Currently we are unaware of any vendor supplied patch or updates available for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

http://seclists.org/fulldisclosure/2013/Feb/10
ID 34634
Created Feb 26, 2013
Updated Nov 15, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS Windows, Linux
Affected App Other