HTTP: Nagios XI nocscreenapi.php Cross-Site Scripting

This signature detects attempts to exploit a known cross-site scripting vulnerability against Nagios XI. It is due to insufficient validation of user-supplied input. Attackers can steal cookie-based authentication credentials and launch other attacks.

Extended Description

In Nagios XI 5.6.9, XSS exists via the nocscreenapi.php host, hostgroup, or servicegroup parameter, or the schedulereport.php hour or frequency parameter. Any authenticated user can attack the admin user.

Affected Products

Nagios nagios_xi

References

CVE: CVE-2020-10819

Short Name
HTTP:XSS:NAGIOS-XI-MULTI-XSS
Severity
Warning
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2019-20139 CVE-2020-10819 CVE-2020-10820 Cross-Site Nagios Scripting XI nocscreenapi.php
Release Date
02/11/2020
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3532
False Positive
Unknown
Vendors

Nagios

CVSS Score

3.5

Found a potential security threat?