Local Privilege Escalation in Nagios XI before version 5.8.5

Local Privilege Escalation in Nagios XI before version 5.8.5

CVE-2021-37345 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Nagios XI before version 5.8.5 is vulnerable to local privilege escalation because xi-sys.cfg is being imported from the var directory for some scripts with elevated permissions.

Learn more about our Cis Benchmark Audit For Apple Ios.