SQL Injection Vulnerability in Nagios XI API Allows Arbitrary SQL Command Execution
CVE-2019-9165 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
SQL injection vulnerability in Nagios XI before 5.5.11 allows attackers to execute arbitrary SQL commands via the API when using fusekeys and malicious user id.
Learn more about our Cis Benchmark Audit For Apple Ios.