Nagios

Nagios Xi

189 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2020-36861

  • EPSS 0.43%
  • Veröffentlicht 30.10.2025 21:35:47
  • Zuletzt bearbeitet 06.11.2025 18:20:44

The Core Config Manager (CCM) in Nagios XI versions prior to CCM 3.0.8 / Nagios XI 5.7.5 contains multiple cross-site scripting (XSS) vulnerabilities in the overlay UI elements and the Notification/Check Period pages. Insufficient validation or escap...

5.4

CVE-2021-47690

  • EPSS 0.43%
  • Veröffentlicht 30.10.2025 21:35:22
  • Zuletzt bearbeitet 06.11.2025 18:20:32

The Core Config Manager (CCM) in Nagios XI versions prior to CCM 3.1.1 / Nagios XI 5.8.2 contains multiple cross-site scripting (XSS) vulnerabilities in Overlay modals. Insufficient validation or escaping of user-supplied input may allow an attacker ...

5.4

CVE-2020-36860

  • EPSS 0.43%
  • Veröffentlicht 30.10.2025 21:34:57
  • Zuletzt bearbeitet 06.11.2025 18:20:49

The Core Config Manager (CCM) in Nagios XI versions prior to CCM 3.0.7 / Nagios XI 5.7.4 contains multiple cross-site scripting (XSS) vulnerabilities in the object edit pages. Insufficient validation or escaping of user-supplied input may allow an at...

5.1

CVE-2021-47692

  • EPSS 0.31%
  • Veröffentlicht 30.10.2025 21:34:27
  • Zuletzt bearbeitet 31.10.2025 14:16:10

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. It has been identified as a duplicate of  https://www.cve.org/CVERecord?id=CVE-2021-33179 .

5.4

CVE-2022-50585

  • EPSS 0.43%
  • Veröffentlicht 30.10.2025 21:34:05
  • Zuletzt bearbeitet 06.11.2025 18:19:25

The Core Config Manager (CCM) in Nagios XI versions prior to CCM 3.1.7 / Nagios XI 5.8.9 contains a cross-site scripting (XSS) vulnerability via the Audit Log page search input. Insufficient validation or escaping of user-supplied input may allow an ...

8.8

CVE-2020-36859

  • EPSS 1%
  • Veröffentlicht 30.10.2025 21:33:40
  • Zuletzt bearbeitet 06.11.2025 18:20:58

The Core Config Manager (CCM) in Nagios XI versions prior to CCM 3.0.7 / Nagios XI 5.7.4 contains multiple SQL injection vulnerabilities in the object edit pages. Unsanitized user-supplied input was incorporated into SQL queries used by configuration...

8.8

CVE-2021-47693

  • EPSS 1%
  • Veröffentlicht 30.10.2025 21:33:18
  • Zuletzt bearbeitet 06.11.2025 18:19:57

The Core Config Manager (CCM) in Nagios XI versions prior to CCM 3.1.3 / Nagios XI 5.8.5 contains a SQL injection vulnerability in the search text handling. Unsanitized user-supplied input was incorporated into SQL queries used by configuration objec...

6.1

CVE-2021-47694

  • EPSS 0.43%
  • Veröffentlicht 30.10.2025 21:32:43
  • Zuletzt bearbeitet 06.11.2025 18:19:35

The Core Config Manager (CCM) in Nagios XI versions prior to CCM 3.1.4 / Nagios XI 5.8.6 contains a reflected cross-site scripting (XSS) vulnerability via the Test Command functionality. Insufficient validation or escaping of user-supplied input may ...

8.8

CVE-2013-10073

  • EPSS 1.59%
  • Veröffentlicht 30.10.2025 21:32:22
  • Zuletzt bearbeitet 06.11.2025 16:24:10

Nagios XI versions prior to 2012R1.6 contain a shell command injection vulnerability in the Auto-Discovery tool. User-controlled input is passed to a shell without adequate sanitation or argument quoting, allowing an authenticated user with access to...

6.5

CVE-2013-10072

  • EPSS 0.12%
  • Veröffentlicht 30.10.2025 21:32:02
  • Zuletzt bearbeitet 06.11.2025 15:17:13

Nagios XI versions prior to 2012R1.6 contain an authorization flaw in the Auto-Discovery functionality. Users with read-only roles could directly reach Auto-Discovery endpoints and pages that should require elevated permissions, exposing discovery re...