There have been 11 security flaws discovered in Nagios network management systems, some of which might be chained together to allow for pre-authenticated remote code execution with the highest privileges, password theft, and phishing attacks.
The vulnerabilities were identified by industrial cybersecurity firm Claroty, which stated flaws in tools like Nagios made them an attractive target because they “oversight of core servers, devices, and other critical components in the enterprise network.”
This is the second time almost a dozen vulnerabilities in Nagios have been revealed. Skylight Cyber revealed 13 security flaws in the network monitoring application earlier this month, which may be exploited by an adversary to take control of the infrastructure without the need for operator intervention.
To Read More: thehackernews
For more such updates follow us on Google News ITsecuritywire News