Nagios XI vulnerabilities can turn your server into part of a botnet

Update your system now to avoid cyber attacks.

Positive Technologies specialists have discovered several serious vulnerabilities in Nagios XI, a system for monitoring IT infrastructure. The software is used by data centers, telecommunications companies, hosting providers, and other organizations to track the health of their network infrastructure.

Exploitation of the discovered vulnerabilities could lead to theft of private data, compromise of the network infrastructure, and full compromise of the server on which Nagios XI is installed. According to the researchers, in February 2024 more than 900 Nagios XI installations were reachable from the Internet; a third of them were located in the United States (33.4%), followed by China (8.4%) and India (5%).

Positive Technologies explained:

"An attacker could have used cross-site scripting vulnerabilities (to attack the system administrator) and shellcode injection (to execute arbitrary code on the server where Nagios XI is installed). After that, the attacker could potentially disable Nagios XI and other systems and services, and use the provided server capacity. For example, perform cryptocurrency mining or make the server a member of a botnet, steal private data, hack network infrastructure, and perform other malicious actions."

A Positive Technologies expert discovered cross-site scripting vulnerabilities (BDU:2023-07898, BDU:2023-07893, BDU:2023-07900, BDU:2023-07894, BDU:2023-07899 and BDU:2023-07901), an SQL injection vulnerability (BDU:2023-07895) and a shellcode injection vulnerability (BDU:2023-07896); the latter two are both rated 9.1 on the CVSS 3.0 scale. The vendor was notified of the vulnerabilities under the responsible disclosure policy and has issued security updates.

To ensure protection, the developer recommends updating Nagios XI to version 2024R1.0.1 or later.
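As an added example (not code from the article, from Positive Technologies or from Nagios), a small Python check that parses Nagios XI version strings and lists the hosts in an inventory that still run something older than 2024R1.0.1. The version-string formats handled (the older "5.11.3" style and the newer "2024R1.0.1" style) are an assumption, and the inventory is constructed for the example.

```python
import re
from typing import Dict, List, Optional, Tuple

# Fixed version named in the advisory above.
FIXED_VERSION = "2024R1.0.1"

# Assumption: Nagios XI version strings are either the older "5.11.3" form or the
# newer "2024R1.0.1" form (year, "R" + release number, then dotted numeric parts).
_VERSION_RE = re.compile(r"^(\d+)(?:R(\d+))?((?:\.\d+)*)$")


def parse_version(version: str) -> Optional[Tuple[int, ...]]:
    """Turn a Nagios XI version string into a comparable 4-tuple, or None if unparseable."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        return None
    major, release, rest = m.groups()
    parts = [int(major)]
    if release is not None:
        parts.append(int(release))
    parts.extend(int(p) for p in rest.split(".") if p)
    # Pad so that "2024R1" compares equal to "2024R1.0.0".
    while len(parts) < 4:
        parts.append(0)
    return tuple(parts)


def is_patched(version: str) -> bool:
    """True when the version is 2024R1.0.1 or later; unparseable strings count as unpatched."""
    parsed = parse_version(version)
    fixed = parse_version(FIXED_VERSION)
    return parsed is not None and fixed is not None and parsed >= fixed


def triage(inventory: Dict[str, str]) -> List[str]:
    """Return the hosts whose reported version is older than the fix or cannot be parsed."""
    return sorted(host for host, ver in inventory.items() if not is_patched(ver))


# Constructed sample inventory: hostnames and versions are made up for this example.
SAMPLE_INVENTORY = {
    "nagios-dc1.example.internal": "5.11.3",
    "nagios-dc2.example.internal": "2024R1.0.1",
    "nagios-lab.example.internal": "2024R1.0.2",
    "nagios-old.example.internal": "unknown",
}

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"{host}: update to Nagios XI {FIXED_VERSION} or later")
```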