Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/31 12:30 a.m.6 views

EUVD-2025-37214

Nagios XI versions prior to 2024R1.4.2 revealed API keys to users who were not authorized for API access when using Neptune themes. An authenticated user without API privileges could view another user's or their own API key value...

7.1CVSS6.2AI score0.00949EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/31 12:30 a.m.4 views

EUVD-2025-37212

Nagios XI versions prior to 2024R1.4.2 configure some systemd unit files with permission sets that were too permissive. In particular, the nagios.service unit had executable permissions that were not required. Overly permissive permissions on service unit files can broaden local attack surface by...

5.1CVSS6.2AI score0.00325EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/10/30 9:41 p.m.4 views

CVE-2025-34134 Nagios XI < 2024R1.4.2 RCE via Business Process Intelligence (BPI)

Nagios XI versions prior to 2024R1.4.2 contain a remote code execution vulnerability in the Business Process Intelligence BPI component. Insufficient validation and sanitization of administrator-controlled BPI configuration parameters notably bpilogfile and bpiconfigfile allow an authenticated...

9.4CVSS8AI score0.02194EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/30 12:0 a.m.6 views

PT-2025-44521

Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 2024R1.4.2 Description Nagios XI versions prior to 2024R1.4.2 had a flaw where API keys were exposed to users lacking the necessary API access permissions when utilizing Neptune themes. An authenticated user, even...

7.1CVSS6.5AI score0.00949EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/10/30 12:0 a.m.5 views

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 2024R1.4.2, which stems from an unauthorize...

7.1CVSS6.2AI score0.00949EPSS
Exploits0References3
Rows per page
Query Builder