Privilege Escalation Vulnerability in Nagios XI and Nagios Fusion
CVE-2020-28906

8.8HIGH

Key Information:

Vendor: Nagios
Status: Fusion; Nagios Xi
Vendor: CVE Published:; 24 May 2021

What is CVE-2020-28906?

A security issue exists in Nagios XI versions 5.7.5 and earlier, as well as Nagios Fusion versions 4.1.8 and earlier, involving incorrect file permissions. This vulnerability permits low-privileged users to modify files utilized by scripts running with root privileges, leading to potential privilege escalation. If exploited, it could allow an unauthorized user to gain elevated access to system resources, providing them unauthorized control over the affected systems.