Summary
Nagios XI is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Impact
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Solution
Updates are available. Please see the references or vendor advisory for more information.
Insight
It's possible to bypass authentication in '/nagiosql/index.php'. By using 'OVS' as username and '%27)%20OR%201%3D1%20limit%201%3B--%20' as password it was possible to login as 'nagiosadmin'.
Affected
Versions prior to Nagios XI 2012R2.4 are vulnerable.
Detection
Try to login as nagiosadmin using SQL injection.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2013-6875 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities