Privilege Escalation via Insecure Permissions in Nagios XI 5.7.5 and earlier
CVE-2020-28910 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Creation of a Temporary Directory with Insecure Permissions in Nagios XI 5.7.5 and earlier allows for Privilege Escalation via creation of symlinks, which are mishandled in getprofile.sh.
Learn more about our Cis Benchmark Audit For Apple Ios.