Vulnerabilities in Nagios
117 resultsCVE-2021-47693HIGHNagios XI < 5.8.5 Core Config Manager (CCM) SQL Injection via Improper Escaping in Search TextEPSS 0.9%CVE-2012-10063HIGHNagios XI < 2012R1.3 Authenticated SQL Injection in Legacy CCMEPSS 0.9%CVE-2024-14004HIGHNagios XI < 2024R1.2 Privilege Escalation via NagVis Configuration (nagvis.conf)EPSS 0.9%CVE-2016-15050HIGHNagios XI < 5.2.4 SQL Injection in Notification SearchEPSS 0.9%CVE-2023-7322HIGHNagios Log Server < 2024R1 Incorrect Authorization Granting Full API AccessEPSS 0.9%CVE-2024-13996CRITICALNagios XI < 2024R1.1.3 Session Not Invalidated After Password ChangeEPSS 0.9%CVE-2025-34283HIGHNagios XI < 2024R1.4.2 API Key Disclosure via Neptune ThemesEPSS 0.9%CVE-2024-13998MEDIUMNagios XI < 2024R1.1.3 API Keys & Hashed Passwords Authenticated Information DisclosureEPSS 0.9%CVE-2025-34273HIGHNagios Log Server < 2024R2.0.3 Non-Admin Dashboard DeletionEPSS 0.9%CVE-2023-7312MEDIUMNagios Fusion < 4.2.0 Email Settings Stored XSS via SMTP/sendmailEPSS 0.8%CVE-2024-13994HIGHNagios XI < 2024R1.1.2 Allow Insecure Logins Missing AuthorizationEPSS 0.8%CVE-2020-36859HIGHNagios XI < 5.7.4 Core Config Manager (CCM) SQL Injection via Object Edit PagesEPSS 0.8%CVE-2023-53689MEDIUMNagios Fusion < 4.2.0 License Information Reflected XSSEPSS 0.7%CVE-2025-34272MEDIUMNagios Log Server < 2024R2.0.3 Non-Empty Default Dashboard FallbackEPSS 0.7%CVE-2023-53690MEDIUMNagios Fusion < 4.2.0 LDAP/AD Integration Stored XSSEPSS 0.7%CVE-2024-13993MEDIUMNagios XI < 2024R1.1.2 Reflected XSS via Login Page on Older BrowsersEPSS 0.6%CVE-2013-10072HIGHNagios XI < 2012R1.6 Auto-Discovery Missing AuthorizationEPSS 0.6%CVE-2025-34271HIGHNagios Log Server < 2024R2.0.2 Cluster Manager Credential Requests Sent Over PlaintextEPSS 0.6%CVE-2025-34278MEDIUMNagios Network Analyzer < 2024R1 Source Groups / Percentile Calculator Menu Stored XSSEPSS 0.6%CVE-2025-34298HIGHNagios Log Server < 2024R1.3.2 Set Email Privilege EscalationEPSS 0.6%