What is CVE-2019-15949?

CVE-2019-15949 is a vulnerability in Nagios XI that allows remote code execution as root.

What is the severity of CVE-2019-15949?

The severity of CVE-2019-15949 is critical with a CVSS score of 8.8.

How does CVE-2019-15949 work?

CVE-2019-15949 can be exploited by accessing the server as the nagios user or as the admin user via the web interface to execute arbitrary commands as root.

Which versions of Nagios XI are affected by CVE-2019-15949?

Nagios XI versions up to and excluding 5.6.6 are affected by CVE-2019-15949.

How can CVE-2019-15949 be fixed?

To fix CVE-2019-15949, users should update to Nagios XI version 5.6.6 or higher.

Vulnerability/
CVE-2019-15949

Exploited

critical

CWE

5/9/2019

5/8/2024

CVE-2019-15949: Nagios XI Remote Code Execution Vulnerability

First published: Thu Sep 05 2019(Updated: )

Nagios XI before 5.6.6 allows remote command execution as root. The exploit requires access to the server as the nagios user, or access as the admin user via the web interface. The getprofile.sh script, invoked by downloading a system profile (profile.php?cmd=download), is executed as root via a passwordless sudo entry; the script executes check_plugin, which is owned by the nagios user. A user logged into Nagios XI with permissions to modify plugins, or the nagios user on the server, can modify the check_plugin executable and insert malicious commands to execute as root.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Nagios Nagios XI	<5.6.6

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2019-15949?
CVE-2019-15949 is a vulnerability in Nagios XI that allows remote code execution as root.
What is the severity of CVE-2019-15949?
The severity of CVE-2019-15949 is critical with a CVSS score of 8.8.
How does CVE-2019-15949 work?
CVE-2019-15949 can be exploited by accessing the server as the nagios user or as the admin user via the web interface to execute arbitrary commands as root.
Which versions of Nagios XI are affected by CVE-2019-15949?
Nagios XI versions up to and excluding 5.6.6 are affected by CVE-2019-15949.
How can CVE-2019-15949 be fixed?
To fix CVE-2019-15949, users should update to Nagios XI version 5.6.6 or higher.

collector/nvd-index
agent/type
agent/softwarecombine
agent/description
agent/severity
agent/weakness
agent/title
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
exploited/true
collector/cisa-known-exploited
source/CISA
agent/software-canonical-lookup
agent/references
agent/tags
collector/nvd-cve
source/NVD
agent/author
vendor/nagios
canonical/nagios nagios xi

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.