Vulnerabilities > Nagios
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-27 | CVE-2021-4285 | Cross-site Scripting vulnerability in Nagios Cross Platform Agent A vulnerability classified as problematic was found in Nagios NCPA. | 6.1 |
| 2022-06-29 | CVE-2022-29269 | Cross-site Scripting vulnerability in Nagios XI In Nagios XI through 5.8.5, in the schedule report function, an authenticated attacker is able to inject HTML tags that lead to the reformatting/editing of emails from an official email address. | 6.5 |
| 2022-06-29 | CVE-2022-29270 | Missing Authentication for Critical Function vulnerability in Nagios XI In Nagios XI through 5.8.5, it is possible for a user without password verification to change his e-mail address. | 4.3 |
| 2022-06-29 | CVE-2022-29271 | Incorrect Authorization vulnerability in Nagios XI In Nagios XI through 5.8.5, a read-only Nagios user (due to an incorrect permission check) is able to schedule downtime for any host/services. | 6.5 |
| 2022-06-29 | CVE-2022-29272 | Open Redirect vulnerability in Nagios XI In Nagios XI through 5.8.5, an open redirect vulnerability exists in the login function that could lead to spoofing. | 5.8 |
| 2021-10-26 | CVE-2021-40343 | Incorrect Permission Assignment for Critical Resource vulnerability in Nagios XI 5.8.5 An issue was discovered in Nagios XI 5.8.5. | 7.2 |
| 2021-10-26 | CVE-2021-40344 | Unrestricted Upload of File with Dangerous Type vulnerability in Nagios XI 5.8.5 An issue was discovered in Nagios XI 5.8.5. | 6.5 |
| 2021-10-26 | CVE-2021-40345 | Command Injection vulnerability in Nagios XI 5.8.5 An issue was discovered in Nagios XI 5.8.5. | 7.2 |
| 2021-10-14 | CVE-2021-33177 | SQL Injection vulnerability in Nagios XI The Bulk Modifications functionality in Nagios XI versions prior to 5.8.5 is vulnerable to SQL injection. | 6.5 |
| 2021-10-14 | CVE-2021-33179 | Cross-site Scripting vulnerability in Nagios XI The general user interface in Nagios XI versions prior to 5.8.4 is vulnerable to authenticated reflected cross-site scripting. | 4.3 |