3 matches found
Nagios XI API Key Regeneration Privilege Escalation (CVE-2018-15711)
A privilege escalation vulnerability exists in the API component of Nagios XI. A remote, authenticated attacker can exploit this vulnerability by sending a crafted request to the target system. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access...
CVE-2018-15711
creationtimestamp| type| source ---|---|--- 2019-02-05 08:36:44+00:00| published-proof-of-concept| https://t.me/antichat/3504...
CVE-2018-15711
Nagios XI 5.5.6 contains a privilege-escalation flaw in the API key management. A remote, authenticated attacker can reset and regenerate the API key of a higher-privileged user, then use the new key to perform API calls with elevated privileges. This is described consistently across multiple sou...