CNNVD-202510-4108 Information
CNNVD ID
CNNVD-202510-4108
Related CVE
- CNNVD Published: 2025-10-30
Description (Chinese)
Nagios Log Server是美国Nagios公司的一套集中式日志管理、监控和分析软件。 Nagios Log Server 2024R1之前版本存在安全漏洞,该漏洞源于授权检查不当,可能导致经过身份验证但非特权用户读取或修改超出其权限的资源。
Description (English)
Nagios Log Server is a centralized log management, monitoring and analysis software for the United States company Nagios. The previous version of Nagios Log Server 2024R1 had a security loophole, which stemmed from inappropriate authorization checks and could lead to the read-out or modification of resources that were beyond their authority by a non-privileged user who had been identified.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Nagios
Published
2025-10-30
Last Modified
2026-02-24
References
https://www.nagios.com/changelog/nagios-log-server-2024r1/ https://www.vulncheck.com/advisories/nagios-log-server-incorrect-authorization-granting-full-api-access
Patch
https://www.nagios.com/products/security/#log-server
Share on: