Known Vulnerabilities for Nagios Xi by Nagios
Listed below are 10 of the newest known vulnerabilities associated with "Nagios Xi" by "Nagios".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-33177 | The Bulk Modifications functionality in Nagios XI versions prior to 5.8.5 is vulnerable to SQL injection. Exploitation requir... | 8.8 - HIGH | 2021-10-14 | 2021-10-20 |
| CVE-2021-26024 | The Favorites component before 1.0.2 for Nagios XI 5.8.0 is vulnerable to Insecure Direct Object Reference: it is possible to... | 5.3 - MEDIUM | 2021-02-03 | 2022-06-28 |
| CVE-2021-26023 | The Favorites component before 1.0.2 for Nagios XI 5.8.0 is vulnerable to XSS. | 6.1 - MEDIUM | 2021-02-03 | 2021-02-05 |
| CVE-2021-25299 | Nagios XI version xi-5.7.5 is affected by cross-site scripting (XSS). The vulnerability exists in the file /usr/local/nagiosx... | 6.1 - MEDIUM | 2021-02-15 | 2021-03-04 |
| CVE-2021-25298 | Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html... | 8.8 - HIGH | 2021-02-15 | 2023-08-08 |
| CVE-2021-25297 | Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html... | 8.8 - HIGH | 2021-02-15 | 2023-08-08 |
| CVE-2021-25296 | Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html... | 8.8 - HIGH | 2021-02-15 | 2023-08-08 |
| CVE-2021-3277 | Nagios XI 5.7.5 and earlier allows authenticated admins to upload arbitrary files due to improper validation of the rename fu... | 7.2 - HIGH | 2021-06-07 | 2021-06-15 |
| CVE-2021-3273 | Nagios XI below 5.7 is affected by code injection in the /nagiosxi/admin/graphtemplates.php component. To exploit this vulner... | 7.2 - HIGH | 2021-02-25 | 2021-03-02 |
| CVE-2021-3193 | Improper access and command validation in the Nagios Docker Config Wizard before 1.1.2, as used in Nagios XI through 5.7, all... | 9.8 - CRITICAL | 2021-01-26 | 2021-02-03 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Nagios | Nagios Xi | 5.8.1 | All | All | All |
| Application | Nagios | Nagios Xi | 5.8.0 | All | All | All |
| Application | Nagios | Nagios Xi | 5.7.5 | All | All | All |
| Application | Nagios | Nagios Xi | 5.7.4 | All | All | All |
| Application | Nagios | Nagios Xi | 5.7.3 | All | All | All |
| Application | Nagios | Nagios Xi | 5.7.2 | All | All | All |
| Application | Nagios | Nagios Xi | 5.7.1 | All | All | All |
| Application | Nagios | Nagios Xi | 5.7.0 | All | All | All |
| Application | Nagios | Nagios Xi | 5.6.9 | All | All | All |
| Application | Nagios | Nagios Xi | 5.6.8 | All | All | All |
| Application | Nagios | Nagios Xi | 5.6.7 | All | All | All |
| Application | Nagios | Nagios Xi | 5.6.6 | All | All | All |
| Application | Nagios | Nagios Xi | 5.6.5 | All | All | All |
| Application | Nagios | Nagios Xi | 5.6.4 | All | All | All |
| Application | Nagios | Nagios Xi | 5.6.3 | All | All | All |
| Application | Nagios | Nagios Xi | 5.6.2 | All | All | All |
| Application | Nagios | Nagios Xi | 5.6.11 | All | All | All |
| Application | Nagios | Nagios Xi | 5.6.1 | All | All | All |
| Application | Nagios | Nagios Xi | 5.6.0 | All | All | All |
| Application | Nagios | Nagios Xi | 5.5.9 | All | All | All |