CVE-2018-8733
Published: 18 April 2018
Authentication bypass vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an unauthenticated attacker to make configuration changes and leverage an authenticated SQL injection vulnerability.
Notes
Author | Note |
---|---|
mdeslaur | No indication that these issues also affect open-source Nagios 3.x. |
Priority
CVSS 3 base score: 9.8