Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An access control vulnerability in Nagios Network Analyzer 2024R1.0.3 allows deleted users to retain access to system resources due to improper session invalidation and stale token handling. When an administrator deletes a user account, the backend fails to terminate active sessions and revoke associated API tokens, enabling unauthorized access to restricted functions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Nagios Network Analyzer 安全漏洞
Vulnerability Description
Nagios Network Analyzer是Nagios公司的一款用于监控和分析网络流量的企业级解决方案。 Nagios Network Analyzer 2024R1.0.3版本存在安全漏洞,该漏洞源于会话失效和令牌处理不当,可能导致未授权访问系统资源。
CVSS Information
N/A
Vulnerability Type
N/A