Nagios 2.1.3

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:nagios:nagios:2.1.3:*:*:*:*:*:*:*

part: a version: 2.1.3 update: *

VendorNagios (7fb1328e-019e-51f8-8fa9-c12efadd1bbe)
ProductNagios (50575199-1514-50c1-89a9-fe9479fd126c)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:deb/debian/nagios4 purl2cpe 2026-06-01 10:14:43.781349
pkg:deb/ubuntu/nagios4 purl2cpe 2026-06-01 10:14:43.781351
pkg:github/nagiosenterprises/nagioscore purl2cpe 2026-06-01 10:14:43.781352
pkg:rpm/fedora/nagios purl2cpe 2026-06-01 10:14:43.781353
pkg:rpm/opensuse/nagios purl2cpe 2026-06-01 10:14:43.781355
pkg:sourceforge/nagios purl2cpe 2026-06-01 10:14:43.781356

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2020-6586 vulnerable 2026-06-03 14:42:58.939318 Details available
Nagios Log Server 2.1.3 allows XSS by visiting /profile and entering a crafted name field that is mishandled on the /admin/users page. Any malicious user with limited access can store an XSS payload in his Name. When any admin views this, the XSS is triggered.
Published: 2020-03-16T15:30:57.000Z
Updated: 2024-08-04T09:11:04.623Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-6585 vulnerable 2026-06-03 14:42:58.938865 Details available
Nagios Log Server 2.1.3 has CSRF.
Published: 2020-03-16T15:31:53.000Z
Updated: 2024-08-04T09:11:04.278Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-6584 vulnerable 2026-06-03 14:42:58.938235 Details available
Nagios Log Server 2.1.3 has Incorrect Access Control.
Published: 2020-03-16T15:33:06.000Z
Updated: 2024-08-04T09:11:04.664Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.