SITE UNDER CONSTRUCTION
Oliver Brooks
// doing the security things
Open main menu
CVE Showcase
Blog
(soon..âą)
Narcissism
Vulnerabilities identified in Nagios XI 5.11.1
CVE-2023-47401
Root RCE via Ansible Vault File Injection
Critical
CVE-2023-47400
Remote Code Execution Via Custom Includes
High
CVE-2023-47404
Authentication Not Required for SSH Terminal Functionality
High
CVE-2023-47408
Command Injection in Host Configuration Page
High
CVE-2023-47409
Host Pivot Via Insecure Migration Process Ansible Vault Credentials
Medium
CVE-2023-47410
Stored Cross Site Scripting Vulnerability in Adminâs User Management Page
Medium
CVE-2023-47411
Recursive Filesystem Deletion as Root Via Backup Script
Medium
CVE-2023-47412
Any Authenticated User Can Manipulate User and System Macros
Medium
CVE-2023-47413
Unintended Files Can Be Edited By Graph Editor Page
Medium
CVE-2023-47414
Local Privilege Escalation via rsyslog abuse
Medium
CVE-2023-47407
Sensitive Credentials Stored in Plaintext World Readable Files
Low
CVE-2023-47406
Portscanning Via Scheduled Backups
Low
CVE-2023-47405
Weak Default MySQL Credentials
Low
CVE-2023-47403
Missing Objects Page Lacks Authorization Controls
Low
CVE-2023-47402
Plaintext Storage of NRDP and NSCA Tokens
Low
CVE-2023-47399
Nagios XI Database User Can Delete From Audit Log
Low