Security Advisory

CVE-2025-60425

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-27 00:00:00

Last updated 2025-10-27 19:52:37

Assigner mitre

State PUBLISHED

Description

Nagios Fusion v2024R1.2 and v2024R2 does not invalidate already existing session tokens when the two-factor authentication mechanism is enabled, allowing attackers to perform a session hijacking attack.

← Browse all CVEs View on cve.org ↗