RSS   Vulnerabilities for 'Incident manager'   RSS

2019-03-28
 
CVE-2019-9204

CWE-89
 

 
SQL injection vulnerability in Nagios IM (component of Nagios XI) before 2.2.7 allows attackers to execute arbitrary SQL commands.

 
 
CVE-2019-9203

CWE-285
 

 
Authorization bypass in Nagios IM (component of Nagios XI) before 2.2.7 allows closing incidents in IM via the API.

 
 
CVE-2019-9202

CWE-254
 

 
Nagios IM (component of Nagios XI) before 2.2.7 allows authenticated users to execute arbitrary code via API key issues.

 

 >>> Vendor: Nagios 11 Products
Nagios
Plugins
Fusion
Remote plug in executor
Nagstamon
Nagios xi
Remote plugin executor
Nagios core
Incident manager
Log server
Network analyzer


Copyright 2024, cxsecurity.com

 

Back to Top