Advisory

Nagios XI Network Monitoring fixes Critical Vulnerabilities

Take action: Not a panic patch, since the vulnerabilities require valid credentials in order to be exploited. Nevertheless, it's wise to schedule the upgrade for the next regular patch window.


Learn More

Security researchers have uncovered four vulnerabilities within Nagios XI, a widely used network and IT infrastructure monitoring solution. These vulnerabilities could potentially lead to information disclosure and privilege escalation.

These vulnerabilities affect Nagios XI version 5.11.1 and earlier. The vendor addressed these vulnerabilities on September 11, 2023, by releasing Nagios XI version 5.11.2.
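The affected range above is the fact a defender needs first. The following helper, added here as an illustration and not taken from the advisory or from Nagios, compares an installed Nagios XI version string against the fixed release named in the advisory (5.11.2) and reports whether the four CVEs apply. The version-string formats it accepts (with or without a leading `v`, two or three numeric components) and the sample versions in the `__main__` block are assumptions for the example.

```python
# Added example (not from the advisory or from Nagios): decide whether an
# installed Nagios XI version falls inside the affected range.
# Thresholds come from the advisory: 5.11.1 and earlier are affected,
# 5.11.2 fixes the four CVEs listed there.

import re

FIXED_VERSION = "5.11.2"  # fixed release per the advisory
CVES = ("CVE-2023-40931", "CVE-2023-40932", "CVE-2023-40933", "CVE-2023-40934")


def parse_version(version: str) -> tuple:
    """Turn '5.11.1' (or 'v5.11') into a comparable tuple of ints.

    Missing trailing components are padded with zeros, so '5.11' == '5.11.0'.
    Anything that is not dot-separated digits is rejected rather than guessed.
    """
    m = re.fullmatch(r"\s*v?(\d+(?:\.\d+)*)\s*", version)
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def is_affected(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed version predates the fixed release."""
    return parse_version(installed) < parse_version(fixed)


def assess(installed: str) -> dict:
    """Summarise exposure for one installed version (assumed input format)."""
    affected = is_affected(installed)
    return {
        "installed": installed,
        "fixed_in": FIXED_VERSION,
        "affected": affected,
        "cves": list(CVES) if affected else [],
        "action": (
            f"schedule upgrade to {FIXED_VERSION} in the next patch window"
            if affected
            else "no action required for these CVEs"
        ),
    }


if __name__ == "__main__":
    # Constructed sample versions, not an inventory of real hosts.
    for v in ("5.11.1", "5.11.2", "5.10.0", "5.11", "5.12.0"):
        print(assess(v))
```

Feed `assess()` the version string reported by each Nagios XI instance in your inventory; an `"affected": True` result is the signal to put that host on the upgrade list.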

The vulnerabilities tracked as CVE-2023-40931, CVE-2023-40933, and CVE-2023-40934 are SQL injection vulnerabilities that enable an attacker to escalate privileges within the product and access sensitive data, including password hashes and API tokens.

The vulnerability tracked as CVE-2023-40932 is a cross-site scripting flaw in the Custom Logo component, allowing an attacker to read and modify page data, including plaintext passwords from login forms.

Three of the vulnerabilities (CVE-2023-40931, CVE-2023-40933, and CVE-2023-40934) enable users with varying levels of privilege to inject SQL queries and read database fields. The data obtained this way can then be used to escalate privileges within the product and gain access to sensitive user data such as password hashes and API tokens. The fourth vulnerability (CVE-2023-40932) permits cross-site scripting via the Custom Logo component, which appears on every page, including the login page. This flaw can be leveraged to read and manipulate page data, including plaintext passwords from login forms.
