CVE-2021-26024
First published: Wed Feb 03 2021(Updated: )
The Favorites component before 1.0.2 for Nagios XI 5.8.0 is vulnerable to Insecure Direct Object Reference: it is possible to create favorites for any other user account.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nagios Favorites | <1.0.2 | |
| Nagios Nagios XI | =5.8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2021-26024.
What is the title of the vulnerability?
The title of the vulnerability is 'The Favorites component before 1.0.2 for Nagios XI 5.8.0 is vulnerable to Insecure Direct Object Reference.'
What is the severity of CVE-2021-26024?
The severity of CVE-2021-26024 is medium with a severity value of 5.3.
How does the vulnerability impact Nagios XI 5.8.0?
The vulnerability allows an attacker to create favorites for any other user account in Nagios XI 5.8.0.
How do I fix the vulnerability?
To fix the vulnerability, update the Favorites component to version 1.0.2 or later.
- collector/nvd-index
- agent/severity
- agent/author
- agent/references
- agent/type
- agent/description
- agent/event
- agent/weakness
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/nagios
- canonical/nagios favorites
- canonical/nagios nagios xi
- version/nagios nagios xi/5.8.0