CNNVD-202510-887 Information

CNNVD ID

CNNVD-202510-887

Related CVE

CVE-2025-44824

• CNNVD Published: 2025-10-07

Description (Chinese)

Nagios Log Server是美国Nagios公司的一套集中式日志管理、监控和分析软件。 Nagios Log Server 2024R1.3.2之前版本存在安全漏洞，该漏洞源于经过身份验证的用户可通过API调用停止Elasticsearch服务，可能导致拒绝服务。

Description (English)

Nagios Log Server is a centralized log management, monitoring and analysis software for the United States company Nagios. There was a security loophole in the pre-Nagios Log Server 2024R1.3.2 version, which stemmed from the fact that an accredited user could stop the Elasticsearch service through the API call, which could lead to the denial of the service.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Nagios

Published

2025-10-07

Last Modified

2026-02-24

References

https://github.com/skraft9/nagios-log-server-dos https://www.nagios.com/changelog/#log-server https://access.redhat.com/security/cve/cve-2025-44824