Nagios Log Server < 2024R2.0.3 Logstash Process Root Privileges

9.3 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

Nagios Log Server versions prior to 2024R2.0.3 contain an execution with unnecessary privileges vulnerability as it runs its embedded Logstash process as the root user. If an attacker is able to compromise the Logstash process - for example by exploiting an insecure plugin, pipeline configuration injection, or a vulnerability in input parsing - the attacker could execute code with root privileges, resulting in full system compromise. The Logstash service has been altered to run as the lower-privileged 'nagios' user to reduce this risk associated with a network-facing service that can accept untrusted input or load third-party components.

AI Analysis

Execution with unnecessary privileges vulnerability in Nagios Log Server's embedded Logstash process, allowing full system compromise if exploited.

Basic Information

ID CVE-2025-34274

Source VulnCheck

Published Oct 30, 2025 at 21:23

Affected Product

Vendor Nagios

Product Log Server

Affected Versions Nagios Log Server 0

CWE Classification

CWE-250

AI Assessment

AI Score 9.3 / 10

AI Severity Critical

Vendor Nagios

Product Log Server

Version < 2024R2.0.3

References

{
    "lastseen": "",
    "description": "Nagios Log Server versions prior to 2024R2.0.3 contain an execution with unnecessary privileges vulnerability as it runs its embedded Logstash process as the root user. If an attacker is able to compromise the Logstash process - for example by exploiting an insecure plugin, pipeline configuration injection, or a vulnerability in input parsing - the attacker could execute code with root privileges, resulting in full system compromise. The Logstash service has been altered to run as the lower-privileged 'nagios' user to reduce this risk associated with a network-facing service that can accept untrusted input or load third-party components.",
    "published": "2025-10-30T21:23:54.741Z",
    "modified": "2025-10-30T21:23:54.741Z",
    "type": "cve",
    "title": "Nagios Log Server < 2024R2.0.3 Logstash Process Root Privileges",
    "source": "VulnCheck",
    "references": "https://www.nagios.com/products/security/#log-server-2024R2\nhttps://www.nagios.com/changelog/#log-server\nhttps://www.vulncheck.com/advisories/nagios-log-server-logstash-process-root-privileges",
    "id": "CVE-2025-34274",
    "bulletinFamily": "",
    "cwe": [
        "CWE-250"
    ],
    "cvelist": null,
    "sourceData": "Nagios Log Server 0",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Log Server",
    "version": "0",
    "vendor": "Nagios",
    "ai_description": "Execution with unnecessary privileges vulnerability in Nagios Log Server's embedded Logstash process, allowing full system compromise if exploited.",
    "ai_severity": "Critical",
    "ai_vendor": "Nagios",
    "ai_product": "Log Server",
    "ai_version": "< 2024R2.0.3",
    "ai_score": 9.3
}

Nagios Log Server < 2024R2.0.3 Logstash Process Root Privileges_CVE-2025-34274