Vulnerability Description
Nagios Log Server versions prior to 2024R2.0.3 contain an execution with unnecessary privileges vulnerability as it runs its embedded Logstash process as the root user. If an attacker is able to compromise the Logstash process - for example by exploiting an insecure plugin, pipeline configuration injection, or a vulnerability in input parsing - the attacker could execute code with root privileges, resulting in full system compromise. The Logstash service has been altered to run as the lower-privileged 'nagios' user to reduce this risk associated with a network-facing service that can accept untrusted input or load third-party components.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nagios | Log Server | < 2024 |
Related Weaknesses (CWE)
References
- https://www.nagios.com/changelog/#log-serverRelease Notes
- https://www.nagios.com/products/security/#log-server-2024R2Vendor Advisory
- https://www.vulncheck.com/advisories/nagios-log-server-logstash-process-root-priThird Party Advisory
FAQ
What is CVE-2025-34274?
CVE-2025-34274 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Nagios Log Server versions prior to 2024R2.0.3 contain an execution with unnecessary privileges vulnerability as it runs its embedded Logstash process as the root user. If an attacker is able to compr...
How severe is CVE-2025-34274?
CVE-2025-34274 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2025-34274?
Check the references section above for vendor advisories and patch information. Affected products include: Nagios Log Server.