CyberSec.Space Logo
Back to CVE Browser

CVE-2019-9203

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0130%
EPSS Percentile5.90th
PublishedMar 28, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

Authorization bypass in Nagios IM (component of Nagios XI) before 2.2.7 allows closing incidents in IM via the API.

Affected Platforms (CPE)

πŸ“¦
Nagios

Incident Manager

< 2.2.7

References & Advisories

πŸ”— http://packetstormsecurity.com/files/152496/Nagios-XI-5.5.10-XSS-Remote-Code-Execution.html
πŸ”— https://www.nagios.com/products/security/
πŸ”— http://packetstormsecurity.com/files/152496/Nagios-XI-5.5.10-XSS-Remote-Code-Execution.html
πŸ”— https://www.nagios.com/products/security/

Related Vulnerabilities

CVE-2017-114638.8

In Ivanti Service Desk (formerly LANDESK Management Suite) versions between 2016.3 and 2017.3, an Unrestricted Direct Object Refer...

CVE-2017-11106.5

IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 contains an unspecified vulnerability that could allow an authenticated...

CVE-2019-207685.4

ServiceNow IT Service Management Kingston through Patch 14-1, London through Patch 7, and Madrid before patch 4 allow stored XSS v...

CVE-2018-24055.4

SAP Solution Manager, 7.10, 7.20, Incident Management Work Center allows an attacker to upload a malicious script as an attachment...