CVE-2025-34272

MEDIUM EPSS 51.4%
Published Oct 30, 20258mo ago · Modified Jun 17, 20261w ago
5.3 CVSS 4.0
Medium
Find Similar
Published Oct 30, 2025 8mo ago
Last Modified Jun 17, 2026 1w ago

Description

In Nagios Log Server versions prior to 2024R2.0.3, when a user's configured default dashboard is deleted, the application does not reliably fall back to an empty, default dashboard. In some implementations this can result in an unexpected dashboard being presented as the user's default view. Depending on the product's dashboard sharing and access policies, this behavior may cause information exposure or unexpected privilege exposure.

CVSS Details

Base Score
5.3
Exploitability
Impact
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
51.4% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor Information Exposure

Affected Products 15

VendorProductVersionRange
nagioslog_server* <2024
nagioslog_server2024any
nagioslog_server2024any
nagioslog_server2024any
nagioslog_server2024any
nagioslog_server2024any
nagioslog_server2024any
nagioslog_server2024any
nagioslog_server2024any
nagioslog_server2024any
nagioslog_server2024any
nagioslog_server2024any
nagioslog_server2024any
nagioslog_server2024any
nagioslog_server2024any

References 3

  • nagios.com https://www.nagios.com/changelog/#log-server
    Release Notes
  • nagios.com https://www.nagios.com/products/security/#log-server-2024R2
    Vendor Advisory
  • vulncheck.com https://www.vulncheck.com/advisories/nagios-log-server-non-empty-default-dashboard-fallback
    Third Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.