[Japanese]

JVNDB-2008-000014

Nagios cross-site scripting vulnerability

Overview

Nagios from Nagios.org contains a cross-site scripting vulnerability.

Nagios from Nagios.org is software that monitors network services, hosts, and other resources. Nagios contains a cross-site scripting vulnerability.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 4.3 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
Affected Products


Nagios Enterprises, LLC
  • Nagios earlier than 3.0rc1 Versions

Impact

An arbitrary script can be executed on the user's web browser.
Solution

[Update the Software]

Update the software to the latest version according to the information released by the vendor.
Vendor Information

Nagios Enterprises, LLC
CWE (What is CWE?)

CVE (What is CVE?)

References

  1. JVN : JVN#53757727
Revision History

  • [2008/05/21]
      Web page published