Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Nagios XI < 2024R1.1.3 AD/LDAP Token Authenticated Information Disclosure
Vulnerability Description
Nagios XI versions prior to 2024R1.1.3, under certain circumstances, disclose the server's Active Directory (AD) or LDAP authentication token to an authenticated user. Exposure of the server’s AD/LDAP token could allow domain-wide authentication misuse, escalation of privileges, or further compromise of network-integrated systems.
CVSS Information
N/A
Vulnerability Type
将系统数据暴露到未授权控制的范围
Vulnerability Title
Nagios XI 安全漏洞
Vulnerability Description
Nagios XI是美国Nagios公司的一套IT基础设施监控解决方案。该方案支持对应用、服务、操作系统等进行监控和预警。 Nagios XI 2024R1.1.3之前版本存在安全漏洞,该漏洞源于特定情况下向认证用户泄露服务器AD或LDAP认证令牌,可能导致域范围认证滥用、权限提升或网络集成系统进一步入侵。
CVSS Information
N/A
Vulnerability Type
N/A