Our security team wants to know if the below vulnerabilities still exist or whether they were fixed in the 5.2.8 or 5.2.9 updates?
Current version we are using: 5.2.9
Nagios XI Command Injection
Check Point Reference CPAI-2016-0593
A Command Injection vulnerability exists in Nagios XI.
This protection detects attempts to exploit this vulnerability.
Nagios XI SQL Injection
Check Point Reference CPAI-2016-0594
An SQL injection vulnerability exists in Nagios XI.
This protection detects attempts to exploit this vulnerability.
if vulnerability has been patched?
Re: if vulnerability has been patched?
I believe both of these have been fixed. You'll want to make sure all of your components are up to date as well, not just the software. Are they all up to date as well? (Admin -> Manage Components)
EDIT: I'd like to confirm this -- any way you can provide the CVE ID's for these? I can't seem to get it out of the check point references.
https://www.checkpoint.com/defense/advi ... -0593.html
https://www.checkpoint.com/defense/advi ... -0594.html
Former Nagios Employee
Re: if vulnerability has been patched?
I can confirm that these are fixed in 5.2.8. The references you gave look like they are pointing at the advisory from security-assessment, which was mostly fixed in 5.2.8 with the exception of the profile component upload, which requires admin rights to do. That profile component upload was changed in 5.2.9 though, and you can no longer upload a profile component through the web UI.
Re: if vulnerability has been patched?
Thank you for the information and confirmation. I will let my security team know.