1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Opsview Monitor CVE-2018-16146

Web Attack: Opsview Monitor CVE-2018-16146

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects the attempt to exploit Remote OS Command vulnerability on the affected machine.

Additional Information

The web management console of Opsview Monitor 5.4.x before 5.4.2 provides functionality accessible by an authenticated administrator to test notifications that are triggered under certain configurable events. The value parameter is not properly sanitized, leading to arbitrary command injection with the privileges of the nagios user account.

Affected

  • Opsview Monitor prior to version 5.4.2

Response


  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube