Known Vulnerabilities for Incident Manager by Nagios

Listed below are 3 of the newest known vulnerabilities associated with "Incident Manager" by "Nagios".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2019-9204	SQL injection vulnerability in Nagios IM (component of Nagios XI) before 2.2.7 allows attackers to execute arbitrary SQL comm...	9.8 - CRITICAL	2019-03-28	2022-10-06
CVE-2019-9203	Authorization bypass in Nagios IM (component of Nagios XI) before 2.2.7 allows closing incidents in IM via the API.	9.8 - CRITICAL	2019-03-28	2022-10-06
CVE-2019-9202	Nagios IM (component of Nagios XI) before 2.2.7 allows authenticated users to execute arbitrary code via API key issues.	8.8 - HIGH	2019-03-28	2022-10-06

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Nagios	Incident Manager	2.2.7	All	All	All
Application	Nagios	Incident Manager	2.0.1	All	All	All
Application	Nagios	Incident Manager	2.0.0	All	All	All