CSRF Vulnerability in Nagios and op5 Monitor Products
CVE-2008-5028

Currently unrated

Key Information:

Vendor: Nagios
Status: Nagios; Monitor
Vendor: CVE Published:; 10 November 2008

What is CVE-2008-5028?

A cross-site request forgery (CSRF) vulnerability exists in the cmd.cgi component of Nagios version 3.0.5 and op5 Monitor prior to version 4.0.1. This flaw allows remote attackers to send crafted HTTP requests that can trigger the execution of arbitrary programs through the Nagios process. If exploited, it could lead to unauthorized actions being performed on the Nagios server, potentially compromising the integrity and security of the monitoring system.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/46426

vdb-entryx_refsource_XF

http://sourceforge.net/mailarchive/forum.php?thread_name=...

mailing-listx_refsource_MLIST

https://exchange.xforce.ibmcloud.com/vulnerabilities/46521

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 10, 2008
Vulnerability Reserved
Nov 10, 2008