PT-2025-44509 · Unknown · Nagios Log Server

Sarang Tumne

Published

2024-06-05

Updated

2025-10-31

CVE-2024-58273

CVSS v4.0

8.5

High

Vector

AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions Nagios Log Server versions prior to 2024R1.0.2

Description The software contains a local privilege escalation issue. An attacker with the ability to execute commands as the Apache web user or the backend shell user can gain root access on the affected system.

Recommendations Update to version 2024R1.0.2 or later.

Fix

LPE

Incorrect Privilege Assignment

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-266

Related Identifiers

BDU:2025-15158

CVE-2024-58273

Affected Products

Nagios Log Server

PT-2025-44509 · Unknown · Nagios Log Server

CVE-2024-58273

Weakness Enumeration

Related Identifiers

Affected Products

References · 8