Test ID:	1.3.6.1.4.1.25623.1.0.144107
Category:	Web application abuses
Title:	Nagios Core < 4.4.6 Multiple Vulnerabilities
Summary:	Nagios Core is prone to multiple vulnerabilities.
Description:	Summary: Nagios Core is prone to multiple vulnerabilities. Vulnerability Insight: Nagios Core is prone to multiple vulnerabilities: - Authenticated vulnerabilities in histogram.js, map.js, trends.js (CVE-2020-1408) - URL injection vulnerability (CVE-2020-13977) Affected Software/OS: Nagios Core version 4.4.5 and prior. Solution: Update to Nagios Core version 4.4.6 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2020-1408 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1408 Common Vulnerability Exposure (CVE) ID: CVE-2020-13977 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5P6NHNG2SJAM6DXVTXQH3AOJ4WQVKJUE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JUEIABR4Y6L5J5MZDFWU46ZWXMJO64U3/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H7T6MSDWMBJEVVFSOK7DOYJJWDAFQCEQ/ https://anhtai.me/nagios-core-4-4-5-url-injection/ https://github.com/sawolf/nagioscore/tree/url-injection-fix https://www.nagios.org/projects/nagios-core/history/4x/
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.