CVE-2011-10035

Nagios XI versions prior to2011R1.9contain privilege escalation vulnerabilities in the scripts that install or update system crontab entries. Due to time-of-check/time-of-userace conditions and missing synchronization or final-path validation, a local low-privileged user could manipulate filesystem state during crontab installation to influence the files or commands executed with elevated privileges, resulting in execution with higher privileges.
TOCTOU
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
VulnCheckCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Common Weakness Enumeration
References
https://www.nagios.com/changelog/nagios-xi/
https://www.vulncheck.com/advisories/nagios-xi-race-conditions-in-crontab-install-script-lpe