CVE-2018-16145

The /etc/init.d/opsview-reporting-module script that runs at boot time in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 invokes a file that can be edited by the nagios user, and would allow attackers to elevate their privileges to root after a system restart, hence obtaining full control of the appliance.
Configurations

Configuration 1

cpe:2.3:a:opsview:opsview:*:*:*:*:*:*:*:*
cpe:2.3:a:opsview:opsview:*:*:*:*:*:*:*:*

Information

Published : 2018-09-05 09:29

Updated : 2019-10-03 12:03


NVD link : CVE-2018-16145

Mitre link : CVE-2018-16145

Products Affected
No products.
CWE