CVE-2020-28900 vulnerability in Nagios Products
Published on May 24, 2021
Insufficient Verification of Data Authenticity in Nagios Fusion 4.1.8 and earlier and Nagios XI 5.7.5 and earlier allows for Escalation of Privileges or Code Execution as root via vectors related to an untrusted update package to upgrade_to_latest.sh.
Products Associated with CVE-2020-28900
stack.watch emails you whenever new vulnerabilities are published in Nagios Fusion or Nagios Xi. Just hit a watch button to start following.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.