Remote Code Execution Vulnerability in Nagios XI by Nagios Enterprises
CVE-2024-54960
6.5MEDIUM
What is CVE-2024-54960?
A critical SQL Injection vulnerability exists in Nagios XI 2024R1.2.2 that allows a remote attacker to execute arbitrary SQL queries. This can occur through a specially crafted payload submitted in the History Tab component, potentially compromising sensitive data and application integrity. Prompt patching and review of configurations are essential to mitigate the risks associated with this vulnerability.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
References
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved