| Vulnerability Name: | CVE-2013-2214 (CCN-85908) | ||||||||||||||||||||
| Assigned: | 2013-07-19 | ||||||||||||||||||||
| Published: | 2013-07-19 | ||||||||||||||||||||
| Updated: | 2023-02-13 | ||||||||||||||||||||
| Summary: | Nagios could allow a remote attacker to bypass security restrictions, caused by the failure to restrict access to the status.cgi service groups. An attacker could exploit this vulnerability to obtain full access to the servicegroup overview. | ||||||||||||||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||||||||||||||
| CVSS v2 Severity: | 4.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N) 3.0 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N/E:U/RL:OF/RC:C)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
| ||||||||||||||||||||
| Vulnerability Consequences: | Bypass Security | ||||||||||||||||||||
| References: | Source: MITRE Type: CNA CVE-2013-2214 Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: Vendor Advisory secalert@redhat.com Source: CCN Type: Nagios Web site Nagios Source: CCN Type: BID-60814 Nagios Servicegroup View 'status.cgi' Security Bypass Vulnerability Source: CCN Type: Red Hat Bugzilla Bug 978531 CVE-2013-2214 nagios: unauthorized hosts and services displayed in servicegroup view Source: XF Type: UNKNOWN nagios-cve20132214-sec-bypass(85908) | ||||||||||||||||||||
| Vulnerable Configuration: | Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||
| |||||||||||||||||||||
| BACK | |||||||||||||||||||||