Lucene search
MitreVULNRICHMENT:CVE-2023-40934HistorySep 19, 2023 - 12:00 a.m.
CVE-2023-40934
2023-09-1900:00:00
mitre
github.com
nagios
sql injection
xi 5.11.1
authentication
privileges
core configuration manager
arbitrary commands
host escalations
notification settings
AI Score
8.4
Confidence
Low
EPSS
0.003
Percentile
70.7%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
A SQL injection vulnerability in Nagios XI 5.11.1 and below allows authenticated attackers with privileges to manage host escalations in the Core Configuration Manager to execute arbitrary SQL commands via the host escalation notification settings.
Related
cvelist
cvelist
CVE-2023-40934
2023-09-19 00:00:00
cve
cve
CVE-2023-40934
2023-09-19 23:15:10
prion
prion
Sql injection
2023-09-19 23:15:00
nvd
nvd
CVE-2023-40934
2023-09-19 23:15:10
nessus
nessus
Nagios XI < 5.11.2 Multiple Vulnerabilities
2023-09-21 00:00:00
thn
thn
Critical Security Flaws Exposed in Nagios XI Network Monitoring Software
2023-09-20 12:38:00
hivepro
hivepro
Critical Security Vulnerabilities Uncovered in Nagios XI
2023-09-25 05:14:53
AI Score
8.4
Confidence
Low
EPSS
0.003
Percentile
70.7%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2023-40934