|
|||
Rule General Information |
---|
Release Date: | 2014-07-17 | |
Rule Name: | Nagios Core Config Manager tfPassword SQL Injection Vulnerability (CVE-2013-6875) | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | SQL injection vulnerability in functions/prepend_adm.php in Nagios Core Config Manager in Nagios XI before 2012R2.4 allows remote attackers to execute arbitrary SQL commands via the tfPassword parameter to nagiosql/index.php. | |
Impact: | SQL injection | |
Affected OS: | Windows, Other Unix, Linux | |
Reference: | CVE-2013-6875 OSVDB:99942 |
|
Solutions |
---|
Update vendor's patch. |