Nagios Incident Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Nagios Incident Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2019-9203 — CVSS 9.8 (critical): Authorization bypass in Nagios IM (component of Nagios XI) before 2.2.7 allows closing incidents in IM via the API.
CVE-2019-9204 — CVSS 9.8 (critical): SQL injection vulnerability in Nagios IM (component of Nagios XI) before 2.2.7 allows attackers to execute arbitrary SQL commands.
CVE-2019-9202 — CVSS 8.8 (high): Nagios IM (component of Nagios XI) before 2.2.7 allows authenticated users to execute arbitrary code via API key issues.