Security vulnerability on Nagios XI

This support forum board is for support questions relating to Nagios XI, our flagship commercial network monitoring solution.
Locked
IT-OPS-SYS
Posts: 184
Joined: Sun Jan 07, 2018 12:56 pm

Security vulnerability on Nagios XI

Post by IT-OPS-SYS »

As per the article below, as many as 11 security vulnerabilities (CVE-2021-37343 and CVE-2021-37347) have been disclosed in Nagios network management systems, some of which could be chained to achieve pre-authenticated remote code execution with the highest privileges, as well as lead to credential theft and phishing attacks.

https://thehackernews.com/2021/09/new-n ... d-let.html

We are running version 5.8.5 on our Nagios XI. Do we need to worry about the above vulnerabilities? If yes, then kindly provide us the hotfix/patch update so that we can apply it on our Nagios XI server.

Note: we are not using the Docker Wizard, Switch Wizard, or WatchGuard Wizard.
pbroste
Posts: 1288
Joined: Tue Jun 01, 2021 1:27 pm

Re: Security vulnerability on Nagios XI

Post by pbroste »

Hello @IT-OPS-SYS

Thanks for reaching out. To be fully protected against security threats, please make sure that your environment is on the latest version with patches. Please see:

https://www.nagios.com/products/security/
https://www.nagios.com/security-faq/

If you are sure you are not using Config Wizards, you can move them so they are not accessible, for added protection:

Code:

mkdir /root/xi_configwizard_backup
mv /usr/local/nagiosxi/html/includes/configwizards/autodiscovery /root/xi_configwizard_backup/
mv /usr/local/nagiosxi/html/includes/configwizards/watchguard /root/xi_configwizard_backup/
mv /usr/local/nagiosxi/html/includes/configwizards/switch /root/xi_configwizard_backup/

Please let us know if you have further questions,
Perry
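
An idempotent form of the relocation commands in the reply above, as an added example that is not part of the original thread and is not Nagios' own tooling. The paths and wizard names are the ones from the post; the function name `relocate_wizards`, its arguments and the `run` switch are hypothetical. It skips wizards that are not installed, refuses to nest a wizard inside an earlier backup, and returns non-zero if any named wizard is still under the web root.

```shell
#!/bin/sh
# Added example: checked, repeatable version of the mkdir/mv commands.
# Paths and wizard names come from the post; everything else is hypothetical.

WIZ_DIR=/usr/local/nagiosxi/html/includes/configwizards
BACKUP_DIR=/root/xi_configwizard_backup

# relocate_wizards <wizard_dir> <backup_dir> <name>...
# Moves each named wizard out of <wizard_dir>. Prints one status line per
# wizard; the return value is the number of wizards still in <wizard_dir>.
relocate_wizards() {
    wiz_dir=$1; backup_dir=$2; shift 2
    remaining=0
    # Keep the backup readable by its owner only
    mkdir -p "$backup_dir" && chmod 700 "$backup_dir" || return 2
    for name in "$@"; do
        src=$wiz_dir/$name
        dst=$backup_dir/$name
        if [ ! -e "$src" ]; then
            echo "absent   $name"
        elif [ -e "$dst" ]; then
            # A plain mv here would nest $name inside the old backup
            echo "conflict $name (already in $backup_dir)"
            remaining=$((remaining + 1))
        elif mv "$src" "$dst"; then
            echo "moved    $name"
        else
            echo "failed   $name"
            remaining=$((remaining + 1))
        fi
    done
    return "$remaining"
}

# Touch the real paths only when invoked as: sh script.sh run  (as root)
if [ "${1:-}" = "run" ]; then
    relocate_wizards "$WIZ_DIR" "$BACKUP_DIR" autodiscovery watchguard switch
fi
```

A `conflict` line means the wizard is present in the web root again while an older copy sits in the backup directory; resolve it by hand before rerunning.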
IT-OPS-SYS
Posts: 184
Joined: Sun Jan 07, 2018 12:56 pm

Re: Security vulnerability on Nagios XI

Post by IT-OPS-SYS »

We are running version 5.8.5, so do we need to worry about these vulnerabilities?
pbroste
Posts: 1288
Joined: Tue Jun 01, 2021 1:27 pm

Re: Security vulnerability on Nagios XI

Post by pbroste »

Hello @IT-OPS-SYS

You are correct, you should be protected given you are running XI 5.8.5, but would suggest upgrading to XI version 5.8.6 since there are other vulnerabilities fixed.

Thanks,
Perry