CVE-2021-36363: 
Nagios XI vulnerability analysis and mitigation

Nagios XI before version 5.8.5 contains a security vulnerability related to incorrect permission assignment for the migrate.php file. The vulnerability was discovered and disclosed in July 2021, affecting all versions of Nagios XI prior to 5.8.5. This vulnerability impacts the core functionality of Nagios XI, a network monitoring system (Nagios Changelog).

The vulnerability stems from insecure file permissions set on the migrate.php file in Nagios XI. This incorrect permission assignment could potentially allow unauthorized access to sensitive system functions. The vulnerability has been assigned CVE-2021-36363 and was fixed in Nagios XI version 5.8.5 by implementing proper file permission controls (MITRE CVE).

The incorrect permission assignment on migrate.php could potentially allow unauthorized users to access and manipulate system configurations, potentially leading to system compromise or unauthorized access to sensitive monitoring data (Nagios Changelog).

The vulnerability has been fixed in Nagios XI version 5.8.5. Users are advised to upgrade to this version or later to address the security issue. The fix involves correcting the file permissions for migrate.php to prevent unauthorized access (Nagios Changelog).