Werk #16990: NagVis: Updated to 1.9.42 (fix security issues)
Komponente | Other components | ||||||||
Titel | NagVis: Updated to 1.9.42 (fix security issues) | ||||||||
Datum | 10.07.2024 | ||||||||
Level | Kleine Änderung | ||||||||
Klasse | Sicherheitsfix | ||||||||
Kompatibilität | Kompatibel - benötigt kein manuelles Eingreifen | ||||||||
Checkmk versions & editions |
|
NagVis has been updated to version 1.9.42.
This update fixes the following security issues: - Fix various XSS issues (CVSS score: 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) - Fix potential RCE - Fix insecure password hashing algorithm for dedicated NagVis users (CVSS score 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) - Fix leak of installation path in error messages - Fix Make cookie hash comparison timing safe