CVE-2020-658416.03.2020, 16:15Nagios Log Server 2.1.3 has Incorrect Access Control.EnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST6.5 MEDIUMNETWORKLOWLOWCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NmitreCNA------CVEADP------Base ScoreCVSS 3.xEPSS ScorePercentile: 64%VendorProductVersionnagiosnagios2.1.3𝑥= Vulnerable software versionsCommon Weakness EnumerationCWE-269 - Improper Privilege ManagementThe software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.Referenceshttps://assets.nagios.com/downloads/nagios-log-server/CHANGES.TXThttps://medium.com/%40fixitt6/multiple-vulnerabilities-in-nagios-log-server-2-1-3-af7c160edc60https://www.nagios.com/products/nagios-log-server/https://assets.nagios.com/downloads/nagios-log-server/CHANGES.TXThttps://medium.com/%40fixitt6/multiple-vulnerabilities-in-nagios-log-server-2-1-3-af7c160edc60https://www.nagios.com/products/nagios-log-server/