Nagios Support Forum

The IT Department had made a vulnerability scanning on NagiosXI host and found a lot of vulnerability, how to fix that?

This scan had to be done with software that just simply determines that php < 5.6 is vulnerable or a certain version of Apache is vulnerable, which isn't really the case, all these CVE's have been backported and if the php version on your system is up to date and you are running an OS that isn't EOL you should be fine.

These CVE's are not Nagios specific, just OS/php/httpd specific.

An update will get the patched version but your scanner likely will still report the same thing More information available in this post
https://support.nagios.com/forum/viewto ... 16&t=54017