Execution with Unnecessary Privileges in Nagios Log Server
CVE-2025-34274

9.3 CRITICAL

Key Information:

Vendor: Nagios
CVE Published: 30 October 2025

What is CVE-2025-34274?

Nagios Log Server prior to version 2024R2.0.3 is susceptible to a vulnerability wherein the embedded Logstash process runs as the root user, allowing potential attackers to execute malicious code with elevated privileges. This situation can arise through the exploitation of insecure plugins, injection in pipeline configurations, or flaws in input parsing mechanisms. To mitigate these risks, the Logstash service has been reconfigured to operate under the 'nagios' user, minimizing exposure to threats from untrusted inputs and third-party components.

Affected Version(s)

Log Server 0 < 2024R2.0.3

CVSS V4

Score: 9.3
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved
