216.73.217.64

CVE-2024-54957

· Published 27/02/2025 20:16 · Modified 03/03/2025 16:15

Labels: CVE-2024-54957 2025-02-27CVE-2024-54957CWE-601[email protected]

Essential information

Published
27/02/2025 20:16
Modified
03/03/2025 16:15
Author
Creator
CVSS
6.1 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS metrics

Description

Nagios XI 2024R1.2.2 is vulnerable to an open redirect flaw on the Tools page, exploitable by users with read-only permissions. This vulnerability allows an attacker to craft a malicious link that redirects users to an arbitrary external URL without their consent.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References