Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/04/26 5:16 a.m.9 views

CVE-2025-28059

An access control vulnerability in Nagios Network Analyzer 2024R1.0.3 allows deleted users to retain access to system resources due to improper session invalidation and stale token handling. When an administrator deletes a user account, the backend fails to terminate active sessions and revoke...

7.5CVSS6.8AI score0.0073EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/18 12:0 a.m.15 views

CVE-2025-28059

An access control vulnerability in Nagios Network Analyzer 2024R1.0.3 allows deleted users to retain access to system resources due to improper session invalidation and stale token handling. When an administrator deletes a user account, the backend fails to terminate active sessions and revoke...

0.0073EPSS
Exploits0References2
CVE
CVE
added 2025/04/18 12:0 a.m.65 views

CVE-2025-28059

CVE-2025-28059 affects Nagios Network Analyzer 2024R1.0.3. Root cause: improper session invalidation and stale token handling after user deletion, causing active sessions and API tokens to remain valid and grant access to restricted functions. Impact: unauthorized access to system resources. Expl...

7.5CVSS6.8AI score0.0073EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/18 12:0 a.m.7 views

PT-2025-17319

Name of the Vulnerable Software and Affected Versions: Nagios Network Analyzer version 2024R1.0.3 Description: The issue arises from improper session invalidation and stale token handling, allowing deleted users to retain access to system resources. When a user account is deleted by an...

7.5CVSS6.3AI score0.0073EPSS
Exploits0References8
Rows per page
Query Builder