Vulnerabilities > Nagios > Incident Manager > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-03-28 CVE-2019-9203 Unspecified vulnerability in Nagios Incident Manager 2.0.0/2.0.1
Authorization bypass in Nagios IM (component of Nagios XI) before 2.2.7 allows closing incidents in IM via the API.
network
low complexity
nagios
critical
9.8
2019-03-28 CVE-2019-9204 SQL Injection vulnerability in Nagios Incident Manager 2.0.0/2.0.1
SQL injection vulnerability in Nagios IM (component of Nagios XI) before 2.2.7 allows attackers to execute arbitrary SQL commands.
network
low complexity
nagios CWE-89
critical
9.8