CVE-2016-15050
Published: 30 October 2025
Summary
CVE-2016-15050 is a high-severity SQL Injection (CWE-89) vulnerability in Nagios XI. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Databases (T1213.006). The CVE ranks in the top 21.7% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a referenced public proof-of-concept.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): Directly requires validation and sanitization of user-supplied search parameters to prevent SQL injection manipulation of database queries.
- SI-2 (Flaw Remediation): Ensures identification, reporting, and correction of the SQL injection flaw through timely patching to Nagios XI version 5.2.4 or later.
- Provides vulnerability scanning to identify SQL injection issues like this CVE and trigger remediation actions.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The SQL injection vulnerability directly enables unauthorized manipulation of database queries, allowing disclosure (T1213.006) and modification (T1565.001) of notification data and broader application database content.
NVD Description
Nagios XI versions prior to 5.2.4 contain a SQL injection vulnerability in the notification search functionality. User-supplied search parameters were incorporated into SQL statements without adequate parameterization or sanitation, allowing an authenticated user to manipulate database queries. Successful exploitation could disclose or modify notification data and, in some cases, impact the application database more broadly.
Deeper analysis
CVE-2016-15050 is a SQL injection vulnerability (CWE-89) in the notification search functionality of Nagios XI versions prior to 5.2.4. User-supplied search parameters are directly incorporated into SQL statements without adequate parameterization or sanitation, enabling an authenticated user to manipulate database queries.
The vulnerability has a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating it can be exploited remotely by an authenticated user with low privileges, requiring low complexity and no user interaction. Successful exploitation allows disclosure or modification of notification data and, in some cases, broader impacts on the application database.
Mitigation requires upgrading to Nagios XI version 5.2.4 or later. Additional details are provided in the Nagios XI changelog at https://www.nagios.com/changelog/nagios-xi/ and the VulnCheck advisory at https://www.vulncheck.com/advisories/nagios-xi-sqli-in-notification-search.
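The flaw class described above, illustrated as an added Python/sqlite3 example that is not Nagios XI code: a hypothetical notification search that splices the user's search term into the SQL text (the CWE-89 pattern), beside the parameterized form that the SI-10 control calls for. The table, column names and sample rows are constructed for the demonstration.

```python
"""Hypothetical notification search: string-built SQL beside its parameterized fix.

Added illustration in Python/sqlite3, not Nagios XI code. The table, columns
and sample rows are constructed for the demo.
"""
import sqlite3


def make_db() -> sqlite3.Connection:
    """Build an in-memory database with constructed notification rows for two users."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE notifications (id INTEGER PRIMARY KEY, user_id INTEGER, message TEXT)"
    )
    conn.executemany(
        "INSERT INTO notifications (user_id, message) VALUES (?, ?)",
        [
            (1, "host web01 is DOWN"),
            (1, "service HTTP on web01 recovered"),
            (2, "host db01 disk usage CRITICAL"),
            (2, "contact O'Brien acknowledged alert"),
        ],
    )
    return conn


def search_unsafe(conn: sqlite3.Connection, user_id: int, term: str) -> list:
    """Vulnerable pattern (CWE-89): the search term is spliced into the SQL text.

    A quote inside `term` closes the string literal early, so the remainder of
    the input is parsed as SQL. The per-user filter can then be bypassed, and a
    legitimate apostrophe (e.g. in a contact name) breaks the query outright.
    """
    sql = (
        "SELECT id, user_id, message FROM notifications "
        f"WHERE user_id = {int(user_id)} AND message LIKE '%{term}%'"
    )
    return conn.execute(sql).fetchall()


def search_safe(conn: sqlite3.Connection, user_id: int, term: str) -> list:
    """Hardened form: bound parameters keep the term as data, never as SQL text.

    LIKE wildcards typed by the user are escaped as well, so the search matches
    them literally instead of widening the query.
    """
    escaped = term.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")
    sql = (
        "SELECT id, user_id, message FROM notifications "
        "WHERE user_id = ? AND message LIKE ? ESCAPE '\\'"
    )
    return conn.execute(sql, (user_id, f"%{escaped}%")).fetchall()


if __name__ == "__main__":
    db = make_db()
    crafted = "%' OR 1=1 --"  # constructed input that comments out the rest of the query
    print("unsafe, user 1, crafted term :", search_unsafe(db, 1, crafted))  # all four rows
    print("safe,   user 1, crafted term :", search_safe(db, 1, crafted))    # no rows
    print("safe,   user 2, O'Brien      :", search_safe(db, 2, "O'Brien"))  # one row
    try:
        search_unsafe(db, 2, "O'Brien")
    except sqlite3.OperationalError as exc:
        print("unsafe, user 2, O'Brien      : query failed:", exc)
```

The unsafe variant fails in both directions: the crafted term returns every user's notifications because the `user_id` filter is no longer the only condition, and an ordinary apostrophe in a search term produces a syntax error. The parameterized variant treats both inputs as plain text, which is the property input validation and parameterization (SI-10) are meant to guarantee.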
Details
- CWE(s)