An Insufficient Access Control vulnerability (leading to credential disclosure) in coreconfigsnapshot.php (aka configuration snapshot page) in Nagios XI before 5.5.4 allows remote attackers to gain access to configuration files containing confidential credentials. Reference: https://assets.nagios.com/downloads/nagiosxi/CHANGES-5.TXT
Created nagios tracking bugs for this issue: Affects: epel-all [bug 1728582] Affects: fedora-all [bug 1728581]
This was for Nagios XI not nagios core. Nagios XI is not distributed via epel, fedora or anything you have created all these bug for.
Latest upstream release shipped for Nagios core is 4.4.3(and the flaw says fixed in 5.5.4 i.e for Nagios XI), XI[1] seems to be a commercial thing with is not included in any Red Hat offerings. Closing out fedora and epel trackers as NOTABUG. [1] https://www.nagios.com/products/nagios-xi/
Statement: This issue did not affect Red Hat Gluster Storage 3 as it does not ship Nagios XI.