Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2011-1523
HistoryMay 03, 2011 - 7:55 p.m.

CVE-2011-1523

2011-05-0319:55:10
CWE-79
mitre
web.nvd.nist.gov
60
cve-2011-1523
cross-site scripting
xss
nagios 3.2.3
statusmap.cgi

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.5

Confidence

High

EPSS

0.007

Percentile

80.1%

JSON

Cross-site scripting (XSS) vulnerability in statusmap.c in statusmap.cgi in Nagios 3.2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the layer parameter.

Affected configurations

Nvd
Node
nagiosnagiosRange3.2.3
OR
nagiosnagiosMatch1.0
OR
nagiosnagiosMatch1.0_b1
OR
nagiosnagiosMatch1.0_b2
OR
nagiosnagiosMatch1.0_b3
OR
nagiosnagiosMatch1.0b1
OR
nagiosnagiosMatch1.0b2
OR
nagiosnagiosMatch1.0b3
OR
nagiosnagiosMatch1.0b4
OR
nagiosnagiosMatch1.0b5
OR
nagiosnagiosMatch1.0b6
OR
nagiosnagiosMatch1.1
OR
nagiosnagiosMatch1.2
OR
nagiosnagiosMatch1.3
OR
nagiosnagiosMatch1.4
OR
nagiosnagiosMatch1.4.1
OR
nagiosnagiosMatch2.0
OR
nagiosnagiosMatch2.0b1
OR
nagiosnagiosMatch2.0b2
OR
nagiosnagiosMatch2.0b3
OR
nagiosnagiosMatch2.0b4
OR
nagiosnagiosMatch2.0b5
OR
nagiosnagiosMatch2.0b6
OR
nagiosnagiosMatch2.0rc1
OR
nagiosnagiosMatch2.0rc2
OR
nagiosnagiosMatch2.1
OR
nagiosnagiosMatch2.2
OR
nagiosnagiosMatch2.3
OR
nagiosnagiosMatch2.3.1
OR
nagiosnagiosMatch2.4
OR
nagiosnagiosMatch2.5
OR
nagiosnagiosMatch2.7
OR
nagiosnagiosMatch2.8
OR
nagiosnagiosMatch2.9
OR
nagiosnagiosMatch2.10
OR
nagiosnagiosMatch2.11
OR
nagiosnagiosMatch3.0
OR
nagiosnagiosMatch3.0alpha1
OR
nagiosnagiosMatch3.0alpha2
OR
nagiosnagiosMatch3.0alpha3
OR
nagiosnagiosMatch3.0alpha4
OR
nagiosnagiosMatch3.0beta1
OR
nagiosnagiosMatch3.0beta2
OR
nagiosnagiosMatch3.0beta3
OR
nagiosnagiosMatch3.0beta4
OR
nagiosnagiosMatch3.0beta5
OR
nagiosnagiosMatch3.0beta6
OR
nagiosnagiosMatch3.0beta7
OR
nagiosnagiosMatch3.0rc1
OR
nagiosnagiosMatch3.0rc2
OR
nagiosnagiosMatch3.0rc3
OR
nagiosnagiosMatch3.0.1
OR
nagiosnagiosMatch3.0.2
OR
nagiosnagiosMatch3.0.3
OR
nagiosnagiosMatch3.0.4
OR
nagiosnagiosMatch3.0.5
OR
nagiosnagiosMatch3.0.6
OR
nagiosnagiosMatch3.1.0
OR
nagiosnagiosMatch3.1.1
OR
nagiosnagiosMatch3.1.2
OR
nagiosnagiosMatch3.2.0
OR
nagiosnagiosMatch3.2.1
OR
nagiosnagiosMatch3.2.2
VendorProductVersionCPE
nagiosnagios*cpe:2.3:a:nagios:nagios:*:*:*:*:*:*:*:*
nagiosnagios1.0cpe:2.3:a:nagios:nagios:1.0:*:*:*:*:*:*:*
nagiosnagios1.0_b1cpe:2.3:a:nagios:nagios:1.0_b1:*:*:*:*:*:*:*
nagiosnagios1.0_b2cpe:2.3:a:nagios:nagios:1.0_b2:*:*:*:*:*:*:*
nagiosnagios1.0_b3cpe:2.3:a:nagios:nagios:1.0_b3:*:*:*:*:*:*:*
nagiosnagios1.0b1cpe:2.3:a:nagios:nagios:1.0b1:*:*:*:*:*:*:*
nagiosnagios1.0b2cpe:2.3:a:nagios:nagios:1.0b2:*:*:*:*:*:*:*
nagiosnagios1.0b3cpe:2.3:a:nagios:nagios:1.0b3:*:*:*:*:*:*:*
nagiosnagios1.0b4cpe:2.3:a:nagios:nagios:1.0b4:*:*:*:*:*:*:*
nagiosnagios1.0b5cpe:2.3:a:nagios:nagios:1.0b5:*:*:*:*:*:*:*
Rows per page:
1-10 of 631

Related

cvelist 1
nvd 1
ubuntucve 1
openvas 10
nessus 6
debiancve 1
prion 1
ubuntu 1
fedora 3
securityvulns 1
osv 1
cvelist
cvelist
CVE-2011-1523
2011-05-03 19:00:00
nvd
nvd
CVE-2011-1523
2011-05-03 19:55:10
ubuntucve
ubuntucve
CVE-2011-1523
2011-05-03 00:00:00
openvas
openvas
Nagios <= 3.2.3 'layer' XSS Vulnerability
2011-03-16 00:00:00
Nagios 'layer' Parameter XSS Vulnerabilities
2011-03-11 00:00:00
Ubuntu: Security Advisory (USN-1151-1)
2011-06-20 00:00:00
nessus
nessus
SuSE 10 Security Update : nagios (ZYPP Patch Number 7624)
2011-07-26 00:00:00
openSUSE Security Update : nagios (openSUSE-SU-2011:0833-1)
2014-06-13 00:00:00
SuSE 11.1 Security Update : nagios (SAT Patch Number 4849)
2011-07-12 00:00:00
debiancve
debiancve
CVE-2011-1523
2011-05-03 19:55:10
prion
prion
Cross site scripting
2011-05-03 19:55:00
ubuntu
ubuntu
Nagios vulnerabilities
2011-06-15 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: nagios-3.3.1-3.fc16
2012-02-21 01:32:04
[SECURITY] Fedora 15 Update: nagios-3.3.1-3.fc15
2012-02-21 01:31:11
[SECURITY] Fedora 16 Update: nagios-3.4.4-1.fc16
2013-01-23 01:29:55
securityvulns
securityvulns
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2011-06-19 00:00:00
osv
osv
nagios-4.4.6-2.5 on GA media
2024-06-15 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.5

Confidence

High

EPSS

0.007

Percentile

80.1%

JSON
Related for CVE-2011-1523
cvelist1nvd1ubuntucve1openvas10nessus6debiancve1prion1ubuntu1fedora3securityvulns1osv1