Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2021-36365
CVE-2021-36365:
Nagios XI vulnerability analysis and mitigation
Overview
Nagios XI before version 5.8.5 has an Incorrect Permission Assignment vulnerability affecting the repairmysql.sh file. The vulnerability was discovered and disclosed in July 2021, identified as CVE-2021-36365. This security issue affects Nagios XI installations prior to version 5.8.5 (MITRE, Nagios Changelog).
Technical details
The vulnerability stems from improper file permissions assigned to the repairmysql.sh script in Nagios XI installations. This misconfiguration in permission assignment could potentially be exploited by attackers who have access to the system (MITRE).
Impact
The incorrect permission assignment on the repairmysql.sh file could potentially allow unauthorized users to execute or modify the script, which could lead to system compromise or unauthorized access to database operations (MITRE).
Mitigation and workarounds
The vulnerability was fixed in Nagios XI version 5.8.5. Users should upgrade their Nagios XI installations to version 5.8.5 or later to address this security issue. The fix includes proper permission assignments for the repairmysql.sh file (Nagios Changelog).
Additional resources
Source: This report was generated using AI
Related Nagios XI vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management