Nagios Network Analyzer
Approved changes feed: RSS · Atom
cpe:2.3:a:nagios:nagios_network_analyzer:2024:r1.0.3*:*:*:*:*:*:*
part: a version: 2024 update: r1.0.3*
| Vendor | Nagios (7fb1328e-019e-51f8-8fa9-c12efadd1bbe) |
|---|---|
| Product | Nagios Network Analyzer (ee95415a-4267-5b5d-8c27-5cd45f137d1a) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-28132 |
vulnerable | 2026-06-03 15:00:13.653571 |
Details available
A session management flaw in Nagios Network Analyzer 2024R1.0.3 allows an attacker to reuse session tokens even after a user logs out, leading to unauthorized access and account takeover. This occurs due to insufficient session expiration, where session tokens remain valid beyond logout, allowing an attacker to impersonate users and perform actions on their behalf.
Published: 2025-04-01T00:00:00.000Z
Updated: 2025-04-01T19:49:32.374Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.