{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T08:46:59.132","vulnerabilities":[{"cve":{"id":"CVE-2023-40931","sourceIdentifier":"cve@mitre.org","published":"2023-09-19T23:15:09.153","lastModified":"2024-11-21T08:20:19.003","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A SQL injection vulnerability in Nagios XI from version 5.11.0 up to and including 5.11.1 allows authenticated attackers to execute arbitrary SQL commands via the ID parameter in the POST request to /nagiosxi/admin/banner_message-ajaxhelper.php"},{"lang":"es","value":"Una vulnerabilidad de inyección SQL en Nagios XI desde la versión 5.11.0 hasta la 5.11.1 inclusive permite a atacantes autenticados ejecutar comandos SQL arbitrarios a través del parámetro ID en la solicitud POST a /nagiosxi/admin/banner_message-ajaxhelper.php"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nagios:nagios_xi:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11.0","versionEndExcluding":"5.11.2","matchCriteriaId":"7BA69A3A-E1A4-45C5-859C-51F4E92B32C6"}]}]}],"references":[{"url":"http://nagios.com","source":"cve@mitre.org","tags":["Product"]},{"url":"https://outpost24.com/blog/nagios-xi-vulnerabilities/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.nagios.com/products/security/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://nagios.com","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://outpost24.com/blog/nagios-xi-vulnerabilities/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.nagios.com/products/security/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}