GCVE - cpe:2.3:a:nagios:network_analyzer:2024:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:nagios:network_analyzer:2024:*:*:*:*:*:*:*

part: a version: 2024 update: *

Vendor	Nagios (`7fb1328e-019e-51f8-8fa9-c12efadd1bbe`)
Product	Network Analyzer (`2f24899e-0741-53a5-9b6a-2b0a21f19d2b`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-34280`	vulnerable	2026-06-03 15:00:44.369253	Nagios Network Analyzer < 2024R2.0.1 RCE in LDAP Certificate Removal Function Nagios Network Analyzer versions prior to 2024R2.0.1 contain a vulnerability in the LDAP certificate management functionality whereby the certificate removal operation fails to apply adequate input sanitation. An authenticated administrator can trigger command execution on the underlying host in the context of the web application service, resulting in remote code execution with the service's privileges. Published: 2025-10-30T21:27:41.203Z Updated: 2025-11-17T21:36:25.762Z Open on db.gcve.eu Reference links https://www.nagios.com/products/security/#network-analyzer https://www.nagios.com/changelog/nagios-network-analyzer/ https://www.vulncheck.com/advisories/nagios-network-analyzer-rce-in-ldap-certificate-removal-function	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-34278`	vulnerable	2026-06-03 15:00:44.368549	Nagios Network Analyzer < 2024R1 Source Groups / Percentile Calculator Menu Stored XSS Nagios Network Analyzer versions prior to 2024R1 contain a stored cross-site scripting (XSS) vulnerability in the Source Groups page (percentile calculator menu). An attacker can supply a malicious payload which is stored by the application and later rendered in the context of other users. When a victim views the affected page the injected script executes in the victim's browser context. Published: 2025-10-30T21:28:11.933Z Updated: 2025-11-17T21:36:25.596Z Open on db.gcve.eu Reference links https://www.nagios.com/products/security/#network-analyzer https://www.nagios.com/changelog/#network-analyzer https://www.vulncheck.com/advisories/nagios-network-analyzer-source-groups-percentile-calculator-menu-stored-xss	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-7319`	vulnerable	2026-06-03 14:54:00.432367	Nagios Network Analyzer < 2024R1 XSS via Percentile Calculator Menu Nagios Network Analyzer versions prior to 2024R1 are vulnerable to cross-site scripting (XSS) via the Percentile Calculator menu. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser. Published: 2025-10-30T21:28:29.373Z Updated: 2025-11-17T21:36:23.299Z Open on db.gcve.eu Reference links https://www.nagios.com/changelog/#network-analyzer https://www.vulncheck.com/advisories/nagios-network-analyzer-xss-via-percentile-calculator-menu	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.