ГлавнаяУязвимости → CVE-2024-13997
7.2высокая

CVE-2024-13997

→ есть в БДУ: BDU:2025-14477 (на русском)
Описание (на английском; русское — в БДУ выше)

Nagios XI versions prior to 2024R1.1.3 contain a privilege escalation vulnerability in which an authenticated administrator could leverage the Migrate Server feature to obtain root privileges on the underlying XI host. By abusing the migration workflow, an admin-level attacker could execute actions outside the intended security scope of the application, resulting in full control of the operating system.

Затрагиваемое ПО
Nagios Nagios xi
CVSS
Балл7.2 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.nagios.com/changelog/nagios-xi/https://www.nagios.com/products/security/#nagios-xihttps://www.vulncheck.com/advisories/nagios-xi-privilege-escalation-via-migrate-server-feature-to-root-on-host