CVE-2022-38251
published 2022-09-07CVE-2022-38251: Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the System Performance Settings page under the Admin panel.
PriorityP418medium4.8CVSS 3.1
AVNACLPRHUIRSCCLILAN
EPSS
1.68%
74.1th percentile
Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the System Performance Settings page under the Admin panel.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nagios | nagios_xi | — | — |
CVSS provenance
nvdv3.14.8MEDIUMCVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
osv4.8MEDIUM
vendor_redhat4.8MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-mr28-qq69-pc33: Nagios XI v5
ghsa_unreviewed·2022-09-08
CVE-2022-38251 [MEDIUM] CWE-79 GHSA-mr28-qq69-pc33: Nagios XI v5
Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the System Performance Settings page under the Admin panel.
OSV
CVE-2022-38251: Nagios XI v5
osv·2022-09-07·CVSS 4.8
CVE-2022-38251 [MEDIUM] CVE-2022-38251: Nagios XI v5
Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the System Performance Settings page under the Admin panel.
Red Hat
nagios: cross-site scripting (XSS) vulnerability via the System Performance Settings page under the Admin panel
vendor_redhat·2022-09-08·CVSS 4.8
CVE-2022-38251 [MEDIUM] CWE-79 nagios: cross-site scripting (XSS) vulnerability via the System Performance Settings page under the Admin panel
nagios: cross-site scripting (XSS) vulnerability via the System Performance Settings page under the Admin panel
Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the System Performance Settings page under the Admin panel.
Statement: Red Hat Gluster Storage (RHGS) 3.5 no longer supports monitoring using Nagios. Red Hat Gluster Storage Web Administration is now the recommended monitoring tool for Red Hat Storage Gluster clusters, hence the Nagios package provided by RHGS will not be fixed.
Package: nagios (Red Hat Storage 3) - Will not fix
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-09-07
Published