Nagios XI Information Disclosure Vulnerability

Vulnerability

A vulnerability in Nagios XI version 2024R1.2.2 allows unauthenticated users to access multiple pages that reveal the usernames and email addresses of all current users. This information disclosure can facilitate reconnaissance efforts, potentially leading to phishing attacks or further exploitation.

Impact

Exploitation of this vulnerability could result in unauthorized access to user information, including usernames and email addresses, which could be used for phishing attacks or other malicious activities.

Remediation

Users are advised to update to the latest version of Nagios XI.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 5.0
impact: 2.5
exploitability: 8.1
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.