Remote Code Execution in Nagios Docker Config Wizard

Remote Code Execution in Nagios Docker Config Wizard

CVE-2021-3193 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Improper access and command validation in the Nagios Docker Config Wizard before 1.1.2, as used in Nagios XI through 5.7, allows an unauthenticated attacker to execute remote code as the apache user.

Learn more about our Cis Benchmark Audit For Apache Http Server.