PT-2025-44472 · Nagios Enterprises · Nagios XI

Matthew Aberegg · Published 2025-10-30 · Updated 2025-10-30 · CVE-2020-36869

CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Nagios XI versions prior to 5.7.5

Description

Nagios XI versions prior to 5.7.5 have a SQL injection issue in the SNMP Trap Interface edit page. An account with administrative privileges is required to access the affected interface. A user with administrative access can provide crafted input that is not properly sanitized, potentially leading to unauthorized disclosure or modification of application data, or execution of arbitrary SQL commands against the backend database.

Recommendations

Update to version 5.7.5 or later.

Fix

SQL injection

Weakness Enumeration

Related Identifiers

BDU:2025-14403
CVE-2020-36869

Affected Products

Nagios XI