Vulnerabilities > Nagios > Incident Manager
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-28 | CVE-2019-9204 | SQL Injection vulnerability in Nagios Incident Manager 2.0.0/2.0.1 SQL injection vulnerability in Nagios IM (component of Nagios XI) before 2.2.7 allows attackers to execute arbitrary SQL commands. | 9.8 |
| 2019-03-28 | CVE-2019-9203 | Unspecified vulnerability in Nagios Incident Manager 2.0.0/2.0.1 Authorization bypass in Nagios IM (component of Nagios XI) before 2.2.7 allows closing incidents in IM via the API. | 9.8 |
| 2019-03-28 | CVE-2019-9202 | Unspecified vulnerability in Nagios Incident Manager 2.0.0/2.0.1 Nagios IM (component of Nagios XI) before 2.2.7 allows authenticated users to execute arbitrary code via API key issues. | 8.8 |