VDB
CVE-2014-4701
CVE-2014-4701
PUBLISHED
CVSS 2.0999999046325684 LOW
The check_dhcp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4702.
EPSS 0.05% · 14.5th percentile
Risk Scores
CVSS 2.0
2.0999999046325684
EPSS Score
0.05%
14.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| nagios | nagios | 0 |
| n/a | n/a | n/a |
Timeline
- Dec 5, 2014 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- 33387 exploit
- 61319 third-party-advisory
- 20140516 check_dhcp - Nagios Plugins <= 2.0.1 Arbitrary Option File Read mailing-list
- 67433 vdb
- 58751 third-party-advisory
- [oss-security] 20140630 Re: CVE requests: nagios check_dhcp plug-in: read parts of INI config files belonging to root mailing-list
- http://nagios-plugins.org/nagios-plugins-2-0-2-released/?utm_source=Nagios.org&utm_medium=News+Post&utm_content=Nagios%20Plugins%202.0.2%20Released&utm_campaign=Nagios%20Plugins url
- http://legalhackers.com/advisories/nagios-check_dhcp.txt url
- SUSE-SU-2014:1352 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2014-4701 advisory