{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T16:40:40.663","vulnerabilities":[{"cve":{"id":"CVE-2023-40934","sourceIdentifier":"cve@mitre.org","published":"2023-09-19T23:15:10.677","lastModified":"2024-11-21T08:20:19.503","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A SQL injection vulnerability in Nagios XI 5.11.1 and below allows authenticated attackers with privileges to manage host escalations in the Core Configuration Manager to execute arbitrary SQL commands via the host escalation notification settings."},{"lang":"es","value":"Una vulnerabilidad de inyección SQL en Nagios XI 5.11.1 y versiones anteriores permite a atacantes autenticados con privilegios administrar las escaladas en máquinas anfitrión en Core Configuration Manager para ejecutar comandos SQL arbitrarios a través de la configuración de notificación de escalada de host."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nagios:nagios_xi:*:*:*:*:*:*:*:*","versionEndExcluding":"5.11.2","matchCriteriaId":"9DDB8315-F31F-4D8D-B78D-586732BDC727"}]}]}],"references":[{"url":"http://nagios.com","source":"cve@mitre.org","tags":["Product"]},{"url":"https://outpost24.com/blog/nagios-xi-vulnerabilities/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.nagios.com/products/security/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://nagios.com","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://outpost24.com/blog/nagios-xi-vulnerabilities/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.nagios.com/products/security/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}