CyberSec.Space Logo
CVEブラウザに戻る

CVE-2019-9203

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0130%
EPSS Percentile5.90th
Published2019年3月28日
Last Modified2024年11月21日

Vulnerability Description

Authorization bypass in Nagios IM (component of Nagios XI) before 2.2.7 allows closing incidents in IM via the API.

Affected Platforms (CPE)

📦
Nagios

Incident Manager

< 2.2.7

References & Advisories

🔗 http://packetstormsecurity.com/files/152496/Nagios-XI-5.5.10-XSS-Remote-Code-Execution.html
🔗 https://www.nagios.com/products/security/
🔗 http://packetstormsecurity.com/files/152496/Nagios-XI-5.5.10-XSS-Remote-Code-Execution.html
🔗 https://www.nagios.com/products/security/

関連する脆弱性情報

CVE-2017-114638.8

In Ivanti Service Desk (formerly LANDESK Management Suite) versions between 2016.3 and 2017.3, an Unrestricted Direct Object Refer...

CVE-2017-11106.5

IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 contains an unspecified vulnerability that could allow an authenticated...

CVE-2019-207685.4

ServiceNow IT Service Management Kingston through Patch 14-1, London through Patch 7, and Madrid before patch 4 allow stored XSS v...

CVE-2018-24055.4

SAP Solution Manager, 7.10, 7.20, Incident Management Work Center allows an attacker to upload a malicious script as an attachment...