Vulnerabilities > Nagios > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-13 | CVE-2021-37350 | SQL Injection vulnerability in Nagios XI Nagios XI before version 5.8.5 is vulnerable to SQL injection vulnerability in Bulk Modifications Tool due to improper input sanitisation. | 7.5 |
2021-08-13 | CVE-2021-37353 | Server-Side Request Forgery (SSRF) vulnerability in Nagios XI Docker Wizard Nagios XI Docker Wizard before version 1.1.3 is vulnerable to SSRF due to improper sanitation in table_population.php. | 7.5 |
2021-05-24 | CVE-2020-28904 | Improper Privilege Management vulnerability in Nagios Fusion Execution with Unnecessary Privileges in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation as nagios via installation of a malicious component containing PHP code. | 7.5 |
2021-05-24 | CVE-2020-28908 | Command Injection vulnerability in Nagios Fusion Command Injection in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to nagios. | 7.5 |
2021-04-08 | CVE-2021-28925 | SQL Injection vulnerability in Nagios Network Analyzer SQL injection vulnerability in Nagios Network Analyzer before 2.4.3 via the o[col] parameter to api/checks/read/. | 7.5 |
2021-02-15 | CVE-2020-22427 | Unspecified vulnerability in Nagios XI 5.6.11 NagiosXI 5.6.11 is affected by a remote code execution (RCE) vulnerability. | 7.2 |
2021-02-15 | CVE-2021-25298 | Unspecified vulnerability in Nagios XI 5.7.5 Nagios XI version xi-5.7.5 is affected by OS command injection. | 8.8 |
2021-02-15 | CVE-2021-25297 | Unspecified vulnerability in Nagios XI 5.7.5 Nagios XI version xi-5.7.5 is affected by OS command injection. | 8.8 |
2021-02-15 | CVE-2021-25296 | Unspecified vulnerability in Nagios XI 5.7.5 Nagios XI version xi-5.7.5 is affected by OS command injection. | 8.8 |
2021-01-26 | CVE-2021-3193 | Unspecified vulnerability in Nagios XI Improper access and command validation in the Nagios Docker Config Wizard before 1.1.2, as used in Nagios XI through 5.7, allows an unauthenticated attacker to execute remote code as the apache user. | 7.5 |