Cyber Resilience

CVE-2022-29272

Medium

Published: 29 June 2022
Modified: 21 November 2024
KEV Added:
Patch:
CVSS Score (v3.1): 6.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
EPSS Score: 0.0410 (88.8th percentile)
Risk Priority: 15 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2022-29272 is a medium-severity Open Redirect (CWE-601) vulnerability in Nagios XI, from the vendor Nagios. Its CVSS 3.1 base score is 6.1 (Medium).

Operationally, it ranks in the top 11.2% of CVEs by exploit likelihood (EPSS), and it is not currently listed in the CISA KEV catalog.

Deeper analysis

Nagios XI versions through 5.8.5 contain an open redirect vulnerability in the login function, classified under CWE-601. The flaw permits an attacker-controlled URL to be supplied during authentication, resulting in redirection to an arbitrary destination and enabling spoofing. It carries a CVSS 3.1 score of 6.1, reflecting a network attack vector, low attack complexity, no required privileges, required user interaction and a changed scope.

An unauthenticated remote attacker can exploit the issue by crafting a malicious link that victims are induced to click, allowing the attacker to redirect authenticated sessions to an external site under their control and thereby impersonate legitimate Nagios resources for phishing or credential-harvesting purposes.

Vendor change logs referenced in the advisories indicate that the issue is addressed in subsequent Nagios XI releases. The associated EPSS score reached a peak of 0.0638 on 2025-01-22 before receding to its current value of 0.0410, indicating a period of elevated exploitation interest after disclosure.

Vulnerability details

In Nagios XI through 5.8.5, an open redirect vulnerability exists in the login function that could lead to spoofing.

CWE(s): CWE-601 (Open Redirect)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: nagios
Product: nagios xi
Versions: ≤ 5.8.5

Mitigating Controls

Likely Mitigating Controls (AI)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

Addresses CWE-601: Security awareness includes verifying URLs and avoiding untrusted redirects that lead to malicious sites.

Addresses CWE-601: Validates redirect targets and URLs to ensure they conform to allowed destinations.
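The following is an added example, not Nagios XI code and not taken from the advisories, showing the weakness class described in the "Deeper analysis" section beside the kind of check the "validates redirect targets" control above refers to. The function names, the `next_url` parameter, the `ALLOWED_HOSTS` set and the sample values are assumptions made for illustration. The hardened function accepts only a same-origin path or an https URL to an allow-listed host; everything else falls back to a fixed landing page, which also covers the protocol-relative, backslash and userinfo variants that a naive prefix check misses.

```python
"""Checking a post-login redirect target (CWE-601 mitigation).

Added example, not Nagios XI code. The function names, the `next_url`
parameter and the ALLOWED_HOSTS set are assumptions for illustration.
`vulnerable_redirect_target` is the weakness pattern the advisory
describes in the abstract; `safe_redirect_target` is the kind of check the
"validates redirect targets" control refers to.
"""
from urllib.parse import urlsplit

DEFAULT_LANDING = "/"
# Hypothetical allow-list: the only hosts a login flow may send a browser
# to when given an absolute URL. Exact match only; no suffix matching.
ALLOWED_HOSTS = frozenset({"monitor.example.internal"})


def vulnerable_redirect_target(next_url):
    """CWE-601 pattern: the caller-supplied destination is used as-is."""
    return next_url or DEFAULT_LANDING


def safe_redirect_target(next_url, allowed_hosts=ALLOWED_HOSTS):
    """Return next_url if it is a same-origin path or an https URL to an
    allow-listed host; otherwise return DEFAULT_LANDING."""
    if not next_url:
        return DEFAULT_LANDING
    candidate = next_url.strip()
    # Reject control characters outright rather than trying to sanitise them.
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in candidate):
        return DEFAULT_LANDING
    # Browsers treat a backslash like a slash in http(s) URLs, so "/\evil"
    # is "//evil" to the client; normalise before parsing.
    candidate = candidate.replace("\\", "/")
    parts = urlsplit(candidate)
    if parts.scheme or parts.netloc:
        # Absolute or scheme-relative ("//host/...") reference.
        if parts.scheme.lower() != "https":
            return DEFAULT_LANDING
        # .hostname strips userinfo and port, so "https://good@evil/" is
        # judged on "evil"; it is also lower-cased for the comparison.
        if parts.hostname is None or parts.hostname not in allowed_hosts:
            return DEFAULT_LANDING
        return candidate
    # Relative reference: require exactly one leading slash. "//x" and
    # "///x" resolve to host x in browsers, so they are refused here.
    if not candidate.startswith("/") or candidate.startswith("//"):
        return DEFAULT_LANDING
    return candidate


# Constructed sample values of the kind a login handler might receive in a
# `next_url`-style parameter; not taken from any real request.
SAMPLE_TARGETS = [
    "/nagiosxi/index.php",
    "https://monitor.example.internal/dashboard",
    "https://attacker.example/login",
    "//attacker.example/login",
    "/\\attacker.example/login",
    "///attacker.example/login",
    "https://monitor.example.internal@attacker.example/",
    "https://monitor.example.internal.attacker.example/",
    "javascript:alert(1)",
    "",
]


def compare(targets=SAMPLE_TARGETS):
    """Map each sample target to (vulnerable result, hardened result)."""
    return {t: (vulnerable_redirect_target(t), safe_redirect_target(t))
            for t in targets}


if __name__ == "__main__":
    for target, (before, after) in compare().items():
        print(f"{target!r:55} vulnerable -> {before!r:52} safe -> {after!r}")
```

Run the file directly to see the two functions side by side on the sample values. The allow-list is matched exactly on the parsed hostname rather than by string prefix, which is what defeats the `good-host@evil` and `good-host.evil` lookalikes; if the application never needs to land a user on another host after login, dropping the absolute-URL branch entirely and accepting only local paths is the simpler and stronger choice.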
