CVE-2021-25296 – Nagios XI version xi-5.7.5 is affected by OS command injection. (1st Mar, 2021)

Preface: Vulnerabilities are inevitable! For instance, an injection vulnerability is managed by detective controls. As usual, remediation is the preventive and corrective control. In reality, a find-and-fix approach reduces the effectiveness of the defense concept. Zero Trust solutions will be applied sooner or later, especially in endpoint environments.

Background: The market slogan says that SIEM is used for log analysis and Nagios is used for continuous monitoring. However, SIEM products since ArcSight can do continuous monitoring very well, so we could say that a SIEM can do both continuous monitoring and log analysis. The benefit of Nagios is its ready-to-use features, which allow quick implementation. Nagios products also cover some areas of IT operations.

Vulnerability details: A design weakness was found in the handling of the plugin_output_len variable. The flaw is that the variable is not passed through a sanitizing function, which gives an attacker a way to execute commands. The affected code is in the following file: /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php
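The missing check described above, as an added example (not Nagios XI code and not from the original post): a value such as plugin_output_len is accepted only as a bounded decimal integer and is quoted before it reaches a command line. The plugin path, the flags, the bounds and the sample inputs are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Assumed bounds, plugin path and flags; the page gives none of them.
const MIN_LEN = 1;
const MAX_LEN = 65535;
const PLUGIN  = '/usr/local/example/libexec/check_example'; // hypothetical

// Generic unsafe pattern (not Nagios XI code): the raw request value is
// concatenated into the command string, so the shell parses whatever it holds.
function build_unsafe(string $host, string $rawLen): string
{
    return PLUGIN . ' -H ' . $host . ' --output-len ' . $rawLen;
}

// Accept only 1-5 decimal digits (D: no trailing newline), then range-check.
function validate_output_len(string $raw): ?int
{
    if (preg_match('/^[0-9]{1,5}$/D', $raw) !== 1) {
        return null;
    }
    $n = (int) $raw;
    return ($n >= MIN_LEN && $n <= MAX_LEN) ? $n : null;
}

// Hardened form: reject invalid input, and quote every argument anyway so a
// later change to the validation cannot reopen the injection.
function build_safe(string $host, string $rawLen): ?string
{
    $len = validate_output_len($rawLen);
    if ($len === null) {
        return null;
    }
    return escapeshellarg(PLUGIN)
        . ' -H ' . escapeshellarg($host)
        . ' --output-len ' . escapeshellarg((string) $len);
}

// Constructed sample inputs; nothing is executed, the strings are only printed.
foreach (['8192', '8192; echo injected', '0', ''] as $raw) {
    printf("input   %s\n", var_export($raw, true));
    printf("unsafe  %s\n", build_unsafe('192.0.2.10', $raw));
    printf("safe    %s\n\n", var_export(build_safe('192.0.2.10', $raw), true));
}
```

Only the first input yields a command string from build_safe; the other three return NULL, while build_unsafe passes every value through unchanged.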

Remedy: The supplier has made no announcement at this time. – http://nagios.com

Reference: To avoid the impact of command injection on software application design, the digital world is better off following the Zero Trust Security model. For more details, please refer to the link below.
https://media.defense.gov/2021/Feb/25/2002588479/-1/-1/0/CSI_EMBRACING_ZT_SECURITY_MODEL_UOO115131-21.PDF
