GCVE - cpe:2.3:a:nagios:nagios_xi:5.6.11:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:nagios:nagios_xi:5.6.11:*:*:*:*:*:*:*

part: a version: 5.6.11 update: *

Vendor	Nagios (`7fb1328e-019e-51f8-8fa9-c12efadd1bbe`)
Product	Nagios Xi (`7baa8382-9566-5d4f-a39b-a6738305acfe`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2020-22427`	vulnerable	2026-06-03 14:42:05.341497	Details available NagiosXI 5.6.11 is affected by a remote code execution (RCE) vulnerability. An authenticated nagiosadmin user can inject additional commands into a request. NOTE: the vendor disputes whether the CVE and its references are actionable because all technical details are omitted, and the only option is to pay for a subscription service where technical details may be disclosed at an unspecified later time Published: 2021-02-15T17:39:26.000Z Updated: 2024-08-04T14:51:10.875Z Open on db.gcve.eu Reference links https://code610.blogspot.com/2020/03/postauth-rce-bugs-in-nagiosxi-5611.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-10821`	vulnerable	2026-06-03 14:41:00.605630	Details available Nagios XI 5.6.11 allows XSS via the account/main.php theme parameter. Published: 2020-03-22T19:53:12.000Z Updated: 2024-08-04T11:14:15.603Z Open on db.gcve.eu Reference links https://code610.blogspot.com/2020/03/nagios-5611-xssd.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-10820`	vulnerable	2026-06-03 14:41:00.605334	Details available Nagios XI 5.6.11 allows XSS via the includes/components/ldap_ad_integration/ password parameter. Published: 2020-03-22T19:53:20.000Z Updated: 2024-08-04T11:14:15.628Z Open on db.gcve.eu Reference links https://code610.blogspot.com/2020/03/nagios-5611-xssd.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-10819`	vulnerable	2026-06-03 14:41:00.604963	Details available Nagios XI 5.6.11 allows XSS via the includes/components/ldap_ad_integration/ username parameter. Published: 2020-03-22T19:53:28.000Z Updated: 2024-08-04T11:14:15.561Z Open on db.gcve.eu Reference links https://code610.blogspot.com/2020/03/nagios-5611-xssd.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.