5 matches found
Critical Security Vulnerabilities Uncovered in Nagios XI
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Several security vulnerabilities have been identified in Nagios XI, a network monitoring software, which could potentially lead to privilege escalation and information disclosure. These...
Critical Security Flaws Exposed in Nagios XI Network Monitoring Software
Multiple security flaws have been disclosed in the Nagios XI network monitoring software that could result in privilege escalation and information disclosure. The four security vulnerabilities, tracked from CVE-2023-40931 through CVE-2023-40934, impact Nagios XI versions 5.11.1 and lower. Followi...
CVE-2023-40933
A SQL injection vulnerability in Nagios XI v5.11.1 and below allows authenticated attackers with announcement banner configuration privileges to execute arbitrary SQL commands via the ID parameter sent to the updatebannermessage function...
CVE-2023-40933
A SQL injection vulnerability in Nagios XI v5.11.1 and below allows authenticated attackers with announcement banner configuration privileges to execute arbitrary SQL commands via the ID parameter sent to the updatebannermessage function...
CVE-2023-40933
Nagios XI is affected by CVE-2023-40933: a SQL injection in the update_banner_message() path that can be triggered by supplying an attacker-authenticated user with banner-configuration privileges via the ID parameter. The issue is reported for Nagios XI versions 5.11.1 and earlier. The vulnerabil...