PT-2025-51178 · Unknown · Nxlog Agent
Published
2025-12-14
·
Updated
2025-12-15
·
CVE-2025-67900
CVSS v3.1
8.1
High
| Vector | AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
NXLog Agent versions prior to 6.11
Description
NXLog Agent versions before 6.11 are susceptible to a local issue where the software can load a file specified by the
OPENSSL CONF environment variable. This could allow an attacker to hijack the OpenSSL configuration.Recommendations
Update NXLog Agent to version 6.11 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Nxlog Agent