I’M UNDER A CYBER ATTACK

Alert

Alert 2023-02 – Critical Vulnerabilities in Nagios Products

There have been reported critical SQL Injection vulnerabilities affecting the Nagios XI network monitoring software, which could result in privilege escalation.

The list of vulnerabilities is described below:

  • CVE-2023-40933– SQL Injection in the ad banner configuration with High criticality with score 8.8, allows authenticated attackers with ad banner configuration privileges to execute arbitrary SQL commands via the ID parameter sent to the update_banner_message() function.
  • CVE-2023-40934– SQL Injection in host/service escalation in Core Configuration Manager (CCM) with High criticality with score 7.
  • CVE-2023-40931– SQL injection in banner that recognizes the Medium criticality endpoint with a score of 6.5. Allows authenticated attackers to execute arbitrary SQL commands via the ID parameter in the POST request to /nagiosxi/admin/banner_message-ajaxhelper.php.
  • CVE-2023-40932– Cross-Site Scripting in the custom logo component with Medium criticality with score 5.4. Allows authenticated attackers with access to the custom logo component to inject javascript or HTML of their choice via the alternate text field. This affects all pages containing the navigation bar, including the login page, meaning the attacker can steal plain text credentials.
Download PDF

WE’RE HERE TO HELP

Are you under a cyber attack?

Report it here

get the latest alerts in your inbox

Subscribe to our newsletter

We are a a group of highly trained professionals based in R&D with advanced technical knowledge and experience in the detection, analysis, containment, and recovery of security incidents.

We are a CSIRT, we are Cybolt.

I’M UNDER A CYBER ATTACK

Explore

Services

Stay updated

© 2024. Beacon Lab CSIRT, Privacy Policy

This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.