CNNVD-202510-4095 Information
CNNVD ID
CNNVD-202510-4095
Related CVE
- CNNVD Published: 2025-10-30
Description (Chinese)
Nagios Log Server是美国Nagios公司的一套集中式日志管理、监控和分析软件。 Nagios Log Server 2024R1.0.2之前版本存在安全漏洞,该漏洞源于Apache Web用户或后端shell用户可执行命令,可能导致本地权限提升至root。
Description (English)
Nagios Log Server is a centralized log management, monitoring and analysis software for the United States company Nagios. There is a security loophole in the pre-Nagios Log Server 2024R1.0.2 version, which originates from the enforceable commands of Apache Web or back-end Shell users, which may lead to local privileges being raised to root.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Nagios
Published
2025-10-30
Last Modified
2026-02-24
References
https://www.nagios.com/changelog/#log-server-2024R1 https://www.nagios.com/products/security/#log-server https://www.vulncheck.com/advisories/nagios-log-server-lpe-from-apache-backend-shell-user-to-root
Patch
https://www.nagios.com/products/security/#log-server
Share on: