CVE-2025-34274 | THREATINT

Description

Nagios Log Server versions prior to 2024R2.0.3 contain an execution with unnecessary privileges vulnerability as it runs its embedded Logstash process as the root user. If an attacker is able to compromise the Logstash process - for example by exploiting an insecure plugin, pipeline configuration injection, or a vulnerability in input parsing - the attacker could execute code with root privileges, resulting in full system compromise. The Logstash service has been altered to run as the lower-privileged 'nagios' user to reduce this risk associated with a network-facing service that can accept untrusted input or load third-party components.

PUBLISHED Reserved 2025-04-15 | Published 2025-10-30 | Updated 2025-10-31 | Assigner VulnCheck

CRITICAL: 9.3CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-250 Execution with Unnecessary Privileges

Product status

Default status

unaffected

Any version before 2024R2.0.3

affected

References

www.nagios.com/products/security/ vendor-advisory patch

www.nagios.com/changelog/ release-notes patch

www.vulncheck.com/...server-logstash-process-root-privileges third-party-advisory

cve.org (CVE-2025-34274)

nvd.nist.gov (CVE-2025-34274)

Download JSON