CVE-2021-47693
Published: 30 October 2025
Description
Adversaries may insert, delete, or manipulate data at rest in order to influence external outcomes or hide activity, thus threatening the integrity of the data.
Security Summary
CVE-2021-47693 is a SQL injection vulnerability (CWE-89) in the Core Config Manager (CCM) component of Nagios XI versions prior to CCM 3.1.3 and Nagios XI 5.8.5. The issue stems from unsanitized user-supplied input in search text handling being directly incorporated into SQL queries used by configuration object editors, enabling injection of arbitrary SQL fragments.
The vulnerability can be exploited by authenticated users with low privileges over the network, requiring low complexity and no user interaction, as indicated by its CVSS 3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). Successful exploitation allows attackers to disclose or modify configuration and application data without authorization, and in some environments, escalate to further compromise the application or backend database.
Mitigation requires upgrading to CCM 3.1.3 or Nagios XI 5.8.5, as detailed in the Nagios XI changelog (https://www.nagios.com/changelog/nagios-xi/) and VulnCheck advisory (https://www.vulncheck.com/advisories/nagios-xi-ccm-sqli-via-improper-escaping-in-search-text).
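The defect class the advisory describes (search text concatenated into a SQL query without escaping) and its hardened counterpart, shown as an added illustration written for this page. It is not Nagios XI or CCM code: Nagios XI is a PHP application with a different schema, whereas this example uses Python's built-in sqlite3 module and a constructed `host` table so it runs offline. It shows why both parameter binding and escaping of LIKE wildcards are needed for search fields.

```python
import sqlite3

# Constructed sample rows standing in for a configuration-object table (not Nagios XI's schema).
SAMPLE_HOSTS = [
    ("web01", "10.0.0.11"),
    ("db01", "10.0.0.21"),
    ("admin-jump", "10.0.0.99"),
]


def make_db():
    """Build an in-memory database populated with the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE host (name TEXT, address TEXT)")
    conn.executemany("INSERT INTO host VALUES (?, ?)", SAMPLE_HOSTS)
    return conn


def search_hosts_vulnerable(conn, search_text):
    """The flawed pattern: the search term is spliced into the SQL string as-is.

    A quote in the term ends the string literal early, so the remainder of the
    term is parsed as SQL grammar; a bare '%' acts as a wildcard and matches
    every row. Kept here only to contrast with the hardened version below.
    """
    sql = "SELECT name FROM host WHERE name LIKE '%" + search_text + "%'"
    return [row[0] for row in conn.execute(sql)]


def escape_like(term):
    """Escape LIKE metacharacters so the term matches literally.

    Backslash is used as the ESCAPE character; it must itself be doubled first.
    """
    return (term.replace("\\", "\\\\")
                .replace("%", "\\%")
                .replace("_", "\\_"))


def search_hosts_parameterized(conn, search_text):
    """Hardened form: bind the pattern as a parameter and declare an ESCAPE char.

    Binding keeps the term out of the SQL grammar entirely (quotes are data),
    and escaping keeps '%' and '_' from being interpreted as wildcards.
    """
    pattern = "%" + escape_like(search_text) + "%"
    sql = "SELECT name FROM host WHERE name LIKE ? ESCAPE '\\'"
    return [row[0] for row in conn.execute(sql, (pattern,))]


if __name__ == "__main__":
    db = make_db()
    for term in ("web", "%", "O'Brien"):
        try:
            print("vulnerable  ", repr(term), search_hosts_vulnerable(db, term))
        except sqlite3.OperationalError as exc:
            print("vulnerable  ", repr(term), "SQL error:", exc)
        print("parameterized", repr(term), search_hosts_parameterized(db, term))
```

For an ordinary term both functions agree. For a term containing a quote, the concatenated query either fails with a syntax error (an availability and integrity signal worth alerting on in database logs) or, with a suitably shaped term, drops its filter and returns every row; the bound query simply treats the term as a literal and returns nothing. A lone `%` likewise returns the whole table from the concatenated query but matches only literal percent signs once escaped.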
Details
CWE(s): CWE-89 (SQL injection)
Affected Products: Nagios XI prior to 5.8.5 (Core Config Manager prior to 3.1.3)
MITRE ATT&CK Enterprise Techniques
Why these techniques?
SQLi enables arbitrary SQL execution by low-privileged users, facilitating privilege escalation via exploitation (T1068), collection from databases (T1213.006), and manipulation of stored configuration/application data (T1565.001).