CVE-2012-10063
Published: 30 October 2025
Summary
CVE-2012-10063 is a critical-severity SQL Injection (CWE-89) vulnerability in Nagios XI. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked in the top 21.7% of CVEs by exploit likelihood, it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): Directly prevents SQL injection by validating and sanitizing crafted input to CCM parameters before it reaches the database.
- SI-2 (Flaw Remediation): Mitigates the specific flaw by applying security patches or upgrading to Nagios XI 2012R1.3 or later, as recommended.
- Identifies SQL injection vulnerabilities such as CVE-2012-10063 through regular vulnerability scanning of the Nagios XI application.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
SQL injection in the public-facing Nagios XI web application enables initial exploitation (T1190) and unauthorized access to or modification of the application database (T1213.006).
NVD Description
Nagios XI versions prior to 2012R1.3 contain a SQL injection vulnerability in the legacy Core Configuration Manager (CCM) interface. Authenticated users could manipulate SQL queries by supplying crafted input to specific CCM parameters, potentially allowing access to configuration data stored in the application database. Successful exploitation could disclose or modify notification data and, in some cases, impact the application database more broadly.
Deeper analysis
CVE-2012-10063 is a SQL injection vulnerability (CWE-89) affecting Nagios XI versions prior to 2012R1.3, specifically in the legacy Core Configuration Manager (CCM) interface. The flaw allows authenticated users to manipulate SQL queries by supplying crafted input to certain CCM parameters, enabling unauthorized access to configuration data stored in the application's database. It has a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity with high potential for confidentiality, integrity, and availability impacts.
An attacker with authenticated access to the Nagios XI instance can exploit this vulnerability remotely over the network with low complexity and no user interaction required. Successful exploitation enables disclosure or modification of notification data and, in some cases, broader impacts on the application database, such as unauthorized data access or alteration.
Mitigation involves upgrading to Nagios XI 2012R1.3 or later, as indicated by the affected version range. Additional details are available in the Nagios XI changelog at https://www.nagios.com/changelog/nagios-xi/ and the VulnCheck advisory at https://www.vulncheck.com/advisories/nagios-xi-authenticated-sqli-in-legacy-ccm.
Details
- CWE(s): CWE-89 (SQL Injection)