Local Privilege Escalation in Nagios XI before version 5.8.5

Local Privilege Escalation in Nagios XI before version 5.8.5

CVE-2021-37347 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Nagios XI before version 5.8.5 is vulnerable to local privilege escalation because getprofile.sh does not validate the directory name it receives as an argument.

Learn more about our Cis Benchmark Audit For Apple Ios.