CVE-2021-37350

Critical

Nagios XI before version 5.8.5 is vulnerable to SQL injection vulnerability in Bulk Modifications Tool due to improper input sanitisation.

mitre·CWE-89·Published 2021-08-13

CVSS

9.8

EPSS

0.80

KEV

Exploits

cve.orgen

138 chars

Nagios XI before version 5.8.5 is vulnerable to SQL injection vulnerability in Bulk Modifications Tool due to improper input sanitisation.

NVDen

138 chars

Nagios XI before version 5.8.5 is vulnerable to SQL injection vulnerability in Bulk Modifications Tool due to improper input sanitisation.

Nagios XI versiones anteriores a 5.8.5, es susceptible a una vulnerabilidad de inyección SQL en la Herramienta de Modificaciones Masivas debido a un saneo inapropiado de la entrada.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H