CVE-2023-7317

Nagios XI versions prior to 2024R1contain a missing access control vulnerability via the Web SSH Terminal.A remote, low-privileged attacker could access or interact with the terminal interface without sufficient authorization, potentially allowing unauthorized command execution or disclosure of sensitive information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
VulnCheckCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Common Weakness Enumeration
References
https://www.nagios.com/changelog/nagios-xi/
https://www.nagios.com/products/security/#nagios-xi
https://www.vulncheck.com/advisories/nagios-xi-web-ssh-terminal-missing-access-control