|
|
|||
| Rule General Information |
|---|
| Release Date: | 2014-07-17 | |
| Rule Name: | Nagios Core Config Manager tfPassword SQL Injection Vulnerability (CVE-2013-6875) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | SQL injection vulnerability in functions/prepend_adm.php in Nagios Core Config Manager in Nagios XI before 2012R2.4 allows remote attackers to execute arbitrary SQL commands via the tfPassword parameter to nagiosql/index.php. | |
| Impact: | SQL injection | |
| Affected OS: | Windows, Other Unix, Linux | |
| Reference: | CVE-2013-6875 OSVDB:99942 |
|
| Solutions |
|---|
| Update vendor's patch. |