PT-2023-7762 · Nagios · Nagios Xi

Publicado

2023-09-19

Atualizado

2023-09-19

CVE-2023-47407

CVSS v2.0

3.3

Baixa

Vetor

AV:N/AC:L/Au:M/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Nagios XI (affected versions not specified)

Description The issue is related to the unencrypted storage of credentials in the config.inc.php script of the Nagios XI monitoring tool. This could allow a remote attacker to gain unauthorized access to protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Cleartext Storage of Sensitive Information

Insecure Storage of Sensitive Information

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-312CWE-922

Identificadores relacionados

BDU:2023-08829

CVE-2023-47407

Produtos afetados

Nagios Xi

PT-2023-7762 · Nagios · Nagios Xi

CVE-2023-47407

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3