Vulnerability assessment scans in Nagios Servers

[dagrawal]

Hello Team,

For the Cyber Essentials Plus Certification we are performing vulnerability assessment scans for all of our servers.
Nagios Test and Production servers are also part of this audit.

Based on the vulnerability scan results, all vulnerabilities needs to be remediated/fixed in order to achieve the certification.

We have identified multiple vulnerabilities after the scan, will there be any impact of the functionality of Nagios if we fixed the identified issues from our end.
Also is there any impact on Nagios servers in performing these Vulnerability assessment scans ?

[jsimon]

Hi @dagrawal,

It is certainly possible there may be impact on your Nagios servers, however it would be difficult to say for sure without knowing the list of steps you plan to take to perform this assessment. If you could let us know what operating system version you have your Nagios servers installed on, along with the steps you plan to take, this would be helpful to know in order to provide any advice. Also in general it is helpful if we know what version of Nagios XI you are using when making inquiries.

[dagrawal]

Hi Jsimon,

Thanks for your reply.
Currently our server OS is RHEL8.6. But we are planning to migrate it to RHEL9.
Currently our NagiosXi version is 2024R1.

Steps:
1) Security team will be scanning the server.
2) If any vulnerability is detected, we need to fix the same.