Vulnerabilities > CVE-2019-9203 - Unspecified vulnerability in Nagios Incident Manager 2.0.0/2.0.1

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
nagios
critical
NVD
Published: 2019-03-28
Updated: 2022-10-06

Summary

Authorization bypass in Nagios IM (component of Nagios XI) before 2.2.7 allows closing incidents in IM via the API.

Vulnerable Configurations

Part Description Count
Application
Nagios
2

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/152496/nagioxi5510-xssexec.txt
idPACKETSTORM:152496
last seen2019-04-15
published2019-04-12
reporterAbdel Adim Oisfi
sourcehttps://packetstormsecurity.com/files/152496/Nagios-XI-5.5.10-XSS-Remote-Code-Execution.html
titleNagios XI 5.5.10 XSS / Remote Code Execution

References