{"id":72708,"date":"2025-10-31T01:45:49","date_gmt":"2025-10-30T22:15:49","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-34298-nagios-log-server-2024r1-3-2-set-email-privilege-escalation\/"},"modified":"2025-10-31T01:45:49","modified_gmt":"2025-10-30T22:15:49","slug":"cve-2025-34298-nagios-log-server-2024r1-3-2-set-email-privilege-escalation","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-34298-nagios-log-server-2024r1-3-2-set-email-privilege-escalation\/","title":{"rendered":"CVE-2025-34298 &#8211; Nagios Log Server &lt; 2024R1.3.2 Set Email Privilege Escalation"},"content":{"rendered":"<p>CVE ID : CVE-2025-34298<\/p>\n<p>Published :  Oct. 30, 2025, 10:15 p.m. | 1\u00a0hour, 10\u00a0minutes ago<\/p>\n<p>Description : Nagios Log Server versions prior to 2024R1.3.2 contain a privilege escalation vulnerability in the account email-change workflow. A user could set their own email to an invalid value and, due to insufficient validation and authorization checks tied to email identity state, trigger inconsistent account state that granted elevated privileges or bypassed intended access controls.<\/p>\n<p>Severity: 8.7 | HIGH<\/p>\n<p>Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-34298 Published : Oct. 30, 2025, 10:15 p.m. | 1\u00a0hour, 10\u00a0minutes ago Description : Nagios Log Server versions prior to 2024R1.3.2 contain a privilege escalation vulnerability in the account email-change workflow. A user could set their own email to an invalid value and, due to insufficient validation and authorization checks tied to &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-72708","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/72708","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=72708"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/72708\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=72708"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=72708"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=72708"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}