The Bulk Modifications functionality in Nagios XI versions prior to 5.8.5 is vulnerable to SQL injection. Exploitation requires the malicious actor to be authenticated to the vulnerable system, but once authenticated they would be able to execute arbitrary sql queries.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: SNPS
Published: 2021-10-14T14:55:39
Updated: 2024-08-03T23:42:20.048Z
Reserved: 2021-05-18T00:00:00
Link: CVE-2021-33177
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-10-14T15:15:08.990
Modified: 2021-10-20T18:19:18.117
Link: CVE-2021-33177
Redhat
No data.