Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-7c96-f262-gcw8

Опубликовано: 31 окт. 2025
Источник: github
Github: Не прошло ревью
CVSS4: 7.1
CVSS3: 6.5

Описание

Nagios Log Server versions prior to 2024R2.0.3 contain an incorrect authorization vulnerability that allows non-administrator users to delete global dashboards. The application did not correctly enforce authorization checks for the global dashboard deletion workflow, enabling lower-privileged users to remove dashboards that affect other users or the overall monitoring UI.

Nagios Log Server versions prior to 2024R2.0.3 contain an incorrect authorization vulnerability that allows non-administrator users to delete global dashboards. The application did not correctly enforce authorization checks for the global dashboard deletion workflow, enabling lower-privileged users to remove dashboards that affect other users or the overall monitoring UI.

Ссылки

EPSS

Процентиль: 44%
0.0022
Низкий

7.1 High

CVSS4

6.5 Medium

CVSS3

CVE ID

CVE-2025-34273

Дефекты

CWE-863

Связанные уязвимости

nvd логотип

CVE-2025-34273

CVSS3: 6.5
nvd
3 месяца назад

Nagios Log Server versions prior to 2024R2.0.3 contain an incorrect authorization vulnerability that allows non-administrator users to delete global dashboards. The application did not correctly enforce authorization checks for the global dashboard deletion workflow, enabling lower-privileged users to remove dashboards that affect other users or the overall monitoring UI.

fstec логотип

BDU:2025-15427

CVSS3: 7.1
fstec
6 месяцев назад

Уязвимость программного средства мониторинга и анализа логов Nagios Log Server, связанная с недостатками механизма авторизации, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 44%
0.0022
Низкий

7.1 High

CVSS4

6.5 Medium

CVSS3

CVE ID

CVE-2025-34273

Дефекты

CWE-863