Back to bug 1376658

Who When What Removed Added
Jason Shepherd 2016-09-16 06:12:31 UTC Blocks 1376656
Tomas Hoger 2016-09-16 07:01:55 UTC Summary Nagios is vulnerable to Cross-Site Request Forgery attacks nagios: web interface vulnerable to Cross-Site Request Forgery attacks
Jason Shepherd 2016-09-18 23:20:06 UTC Doc Text It was found that Nagios was vulnerable to Cross-Site Request Forgery attacks. An attacker could use this flaw to trick an authenticated user into performing unintented actions.
Eric Christensen 2016-09-19 02:25:05 UTC Doc Text It was found that Nagios was vulnerable to Cross-Site Request Forgery attacks. An attacker could use this flaw to trick an authenticated user into performing unintented actions. It was found that Nagios was vulnerable to Cross-Site Request Forgery attacks. An attacker could use this flaw to trick an authenticated user into performing unintended actions.
Martin Prpič 2016-09-19 06:52:41 UTC Fixed In Version 4.2.0 nagios 4.2.0
Jason Shepherd 2016-09-20 22:17:13 UTC Whiteboard impact=moderate,public=20160916,reported=20160916,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,rhmap-4/nagios=affected,openstack-5-rhel6/nagios=affected,openstack-5-rhel7/nagios=affected,openstack-6/nagios=affected,openstack-7/nagios=affected,rhes-3.1/nagios=new impact=moderate,public=20160916,reported=20160916,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,rhmap-4/nagios=affected,openstack-5-rhel6/nagios=affected,openstack-5-rhel7/nagios=affected,openstack-6/nagios=affected,openstack-7/nagios=affected,rhes-3.1/nagios=new,fedora-all/nagios=affected
Jason Shepherd 2016-09-20 22:17:27 UTC CC affix, jose.p.oliveira.oss, mail, nb, ondrejj, s, swilkerson
Jason Shepherd 2016-09-20 22:18:01 UTC Depends On 1377885
Tim Suter 2016-11-10 01:01:57 UTC Whiteboard impact=moderate,public=20160916,reported=20160916,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,rhmap-4/nagios=affected,openstack-5-rhel6/nagios=affected,openstack-5-rhel7/nagios=affected,openstack-6/nagios=affected,openstack-7/nagios=affected,rhes-3.1/nagios=new,fedora-all/nagios=affected impact=moderate,public=20160916,reported=20160916,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,rhmap-4/nagios=affected,openstack-5-rhel6/nagios=wontfix,openstack-5-rhel7/nagios=wontfix,openstack-6/nagios=affected,openstack-7/nagios=wontfix,rhes-3.1/nagios=new,fedora-all/nagios=affected
Tim Suter 2016-11-10 01:03:04 UTC Whiteboard impact=moderate,public=20160916,reported=20160916,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,rhmap-4/nagios=affected,openstack-5-rhel6/nagios=wontfix,openstack-5-rhel7/nagios=wontfix,openstack-6/nagios=affected,openstack-7/nagios=wontfix,rhes-3.1/nagios=new,fedora-all/nagios=affected impact=moderate,public=20160916,reported=20160916,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,rhmap-4/nagios=affected,openstack-5-rhel6/nagios=wontfix,openstack-5-rhel7/nagios=wontfix,openstack-6/nagios=wontfix,openstack-7/nagios=wontfix,rhes-3.1/nagios=new,fedora-all/nagios=affected
Jason Shepherd 2016-11-10 05:03:41 UTC Whiteboard impact=moderate,public=20160916,reported=20160916,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,rhmap-4/nagios=affected,openstack-5-rhel6/nagios=wontfix,openstack-5-rhel7/nagios=wontfix,openstack-6/nagios=wontfix,openstack-7/nagios=wontfix,rhes-3.1/nagios=new,fedora-all/nagios=affected impact=moderate,public=20160916,reported=20160916,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,rhmap-4.2.0/nagios=notaffected,rhmap-4.1.0/nagios=wontfix,openstack-5-rhel6/nagios=wontfix,openstack-5-rhel7/nagios=wontfix,openstack-6/nagios=wontfix,openstack-7/nagios=wontfix,rhes-3.1/nagios=new,fedora-all/nagios=affected
Siddharth Sharma 2016-11-10 08:39:30 UTC CC sisharma
Whiteboard impact=moderate,public=20160916,reported=20160916,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,rhmap-4.2.0/nagios=notaffected,rhmap-4.1.0/nagios=wontfix,openstack-5-rhel6/nagios=wontfix,openstack-5-rhel7/nagios=wontfix,openstack-6/nagios=wontfix,openstack-7/nagios=wontfix,rhes-3.1/nagios=new,fedora-all/nagios=affected impact=moderate,public=20160916,reported=20160916,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,rhmap-4.2.0/nagios=notaffected,rhmap-4.1.0/nagios=wontfix,openstack-5-rhel6/nagios=wontfix,openstack-5-rhel7/nagios=wontfix,openstack-6/nagios=wontfix,openstack-7/nagios=wontfix,rhes-3.1/nagios=wontfix,fedora-all/nagios=affected
Nick Bebout 2017-01-20 21:28:09 UTC CC nb
PnT Account Manager 2018-01-30 03:14:01 UTC CC coneill
PnT Account Manager 2018-01-31 00:02:54 UTC CC aortega
PnT Account Manager 2019-04-22 21:31:15 UTC CC tjay
PnT Account Manager 2019-05-31 14:22:03 UTC CC smohan
Product Security DevOps Team 2019-06-08 02:58:40 UTC Status NEW CLOSED
Resolution --- WONTFIX
Last Closed 2019-06-08 02:58:40 UTC
Product Security DevOps Team 2019-09-29 13:56:12 UTC Whiteboard impact=moderate,public=20160916,reported=20160916,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,rhmap-4.2.0/nagios=notaffected,rhmap-4.1.0/nagios=wontfix,openstack-5-rhel6/nagios=wontfix,openstack-5-rhel7/nagios=wontfix,openstack-6/nagios=wontfix,openstack-7/nagios=wontfix,rhes-3.1/nagios=wontfix,fedora-all/nagios=affected

Back to bug 1376658