A SQL injection vulnerability in Nagios XI 5.11.1 and below allows authenticated attackers with privileges to manage host escalations in the Core Configuration Manager to execute arbitrary SQL commands via the host escalation notification settings.
Metrics
Affected Vendors & Products
References
History
Tue, 24 Sep 2024 21:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-09-19T00:00:00
Updated: 2024-09-24T20:43:56.157Z
Reserved: 2023-08-22T00:00:00
Link: CVE-2023-40934
Vulnrichment
Updated: 2024-08-02T18:46:11.239Z
NVD
Status : Modified
Published: 2023-09-19T23:15:10.677
Modified: 2024-11-21T08:20:19.503
Link: CVE-2023-40934
Redhat
No data.