Security Advisory

CVE-2018-16146

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-09-05 21:00:00

Last updated 2024-08-05 10:17:37

Assigner mitre

State PUBLISHED

Description

The web management console of Opsview Monitor 5.4.x before 5.4.2 provides functionality accessible by an authenticated administrator to test notifications that are triggered under certain configurable events. The value parameter is not properly sanitized, leading to arbitrary command injection with the privileges of the nagios user account.

← Browse all CVEs View on cve.org ↗