CVE-2021-37347

Nagios XI before version 5.8.5 is vulnerable to local privilege escalation because getprofile.sh does not validate the directory name it receives as an argument.

Risk Information

  • CVE ID
  • CVE-2021-37347
  • Vendor
  • Nagios
  • Product
  • Nagios XI
  • CVSS v3
  • 7.8