Описание
Nagios XI 2024R1.2.2 is vulnerable to an open redirect flaw on the Tools page, exploitable by users with read-only permissions. This vulnerability allows an attacker to craft a malicious link that redirects users to an arbitrary external URL without their consent.
Ссылки
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:nagios:nagios_xi:2024:r1.2.2:*:*:*:*:*:*
EPSS
Процентиль: 34%
0.00136
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-601
Связанные уязвимости
CVSS3: 6.1
github
12 месяцев назад
Nagios XI 2024R1.2.2 is vulnerable to an open redirect flaw on the Tools page, exploitable by users with read-only permissions. This vulnerability allows an attacker to craft a malicious link that redirects users to an arbitrary external URL without their consent.
EPSS
Процентиль: 34%
0.00136
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-601