VYPR
Unrated severityNVD Advisory· Published Oct 27, 2025· Updated Oct 27, 2025

CVE-2025-60425

CVE-2025-60425

Description

Nagios Fusion v2024R1.2 and v2024R2 does not invalidate already existing session tokens when the two-factor authentication mechanism is enabled, allowing attackers to perform a session hijacking attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Nagios/Fusiondescription
  • VMware/Fusionllm-fuzzy
    Range: v2024R1.2, v2024R2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.