Lucene search
MitreVULNRICHMENT:CVE-2023-40933HistorySep 19, 2023 - 12:00 a.m.
CVE-2023-40933
2023-09-1900:00:00
mitre
github.com
sql injection
nagios xi
authenticated attackers
announcement banner
arbitrary sql commands
AI Score
8.3
Confidence
Low
EPSS
0.003
Percentile
70.6%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
A SQL injection vulnerability in Nagios XI v5.11.1 and below allows authenticated attackers with announcement banner configuration privileges to execute arbitrary SQL commands via the ID parameter sent to the update_banner_message() function.
Related
prion
prion
Sql injection
2023-09-19 23:15:00
nvd
nvd
CVE-2023-40933
2023-09-19 23:15:10
cve
cve
CVE-2023-40933
2023-09-19 23:15:10
cvelist
cvelist
CVE-2023-40933
2023-09-19 00:00:00
nessus
nessus
Nagios XI < 5.11.2 Multiple Vulnerabilities
2023-09-21 00:00:00
thn
thn
Critical Security Flaws Exposed in Nagios XI Network Monitoring Software
2023-09-20 12:38:00
hivepro
hivepro
Critical Security Vulnerabilities Uncovered in Nagios XI
2023-09-25 05:14:53
AI Score
8.3
Confidence
Low
EPSS
0.003
Percentile
70.6%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2023-40933