PT-2025-44501 · Nagios Enterprises · Nagios Xi
Márk Rákóczi
·
Published
2025-10-30
·
Updated
2025-10-30
·
CVE-2024-14002
CVSS v4.0
7.1
High
| AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Nagios XI versions prior to 2024R1.1.4
Description
Nagios XI is affected by a local file inclusion issue through its NagVis integration. An authenticated user can provide specially crafted path values, which may lead to the inclusion of local files and potential exposure of sensitive information from the host system.
Recommendations
Update Nagios XI to version 2024R1.1.4 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Nagios Xi