if vulnerability has been patched?

Posted: Thu Jul 21, 2016 8:57 am
by chicjo01
Our security team wants to know if the below vulnerability still exists or were they fixed in 5.2.8 or 5.2.9 updates?

Current Version We are using: 5.2.9

Nagios XI Command Injection
Check Point Reference CPAI-2016-0593

A Command Injection vulnerability exists in Nagios XI.
This protection detects attempts to exploit this vulnerability.

Nagios XI SQL Injection
Check Point Reference CPAI-2016-0594

An SQL injection vulnerability exists in Nagios XI.
This protection detects attempts to exploit this vulnerability.

Re: if vulnerability has been patched?

Posted: Thu Jul 21, 2016 11:04 am
by rkennedy
I believe both of these have been fixed. You'll want to make sure all of your components are up to date as well, not just the software. Are they all up to date as well? (Admin -> Manage Components)

EDIT: I'd like to confirm this -- any way you can provide the CVE IDs for these? I can't seem to get it out of the Check Point references.

https://www.checkpoint.com/defense/advi ... -0593.html
https://www.checkpoint.com/defense/advi ... -0594.html

Re: if vulnerability has been patched?

Posted: Thu Jul 21, 2016 11:39 am
by jomann
I can confirm that these are fixed in 5.2.8. The references you gave look like they are pointing at the advisory from security-assessment which were mostly fixed in 5.2.8 with the exception of the profile component upload which requires admin rights to do. That profile component upload was changed in 5.2.9 though, and you can no longer upload a profile component through the web UI.

Re: if vulnerability has been patched?

Posted: Thu Jul 21, 2016 2:37 pm
by chicjo01
Thank you for the information and confirmation. I will let my security team know.

Re: if vulnerability has been patched?

Posted: Thu Jul 21, 2016 4:46 pm
by tmcdonald
Is it alright if we close this up?

Re: if vulnerability has been patched?

Posted: Fri Jul 22, 2016 7:37 am
by chicjo01
yes