Multiple Vulnerabilities Found in Opsview Monitor

SecureAuth Core Security today published a vulnerability disclosure in conjunction with enterprise systems monitoring software provider Opsview. The publication of the disclosure is related to five vulnerabilities in the company’s Opsview Monitor product, which is a virtual appliance deployed inside an organization’s network infrastructure. The product comes bundled with a web management console that monitors and manages both hosts and their services. “Opsview builds monitoring software that helps DevOps understand how the performance of their hybrid IT infrastructure & apps impacts business service delivery,” the advisory wrote. “Opsview Monitor supports 3500 Nagios plugins and service checks making it easy to monitor everything from Docker and VMware to Amazon Web Services, Hyper-V and more. Multiple vulnerabilities were found in the Opsview Monitor, which would allow an attacker with access to the management console to execute commands on the operating system.