Nagios Log Server <= 2024R1.3.2: Authenticated API can stop Elasticsearch
CVE-2025-44824 Published on October 7, 2025
Nagios Log Server before 2024R1.3.2 allows authenticated users (with read-only API access) to stop the Elasticsearch service via a /nagioslogserver/index.php/api/system/stop?subsystem=elasticsearch call. The service stops even though "message": "Could not stop elasticsearch" is in the API response. This is GL:NLS#474.
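The call described above can be searched for in the web server's access log. This is an added example, not code from the advisory or from Nagios; it assumes combined-format access logs, and the sample lines, IP addresses and token values are constructed.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Assumption: Apache/nginx "combined" access-log format.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)
STOP_PATH = "/nagioslogserver/index.php/api/system/stop"


def is_es_stop_request(target: str) -> bool:
    """True if the request target is the system/stop call for elasticsearch."""
    parts = urlsplit(target)
    # Normalise first: decode %-escapes, collapse "//", ignore case (over-matches by design).
    path = re.sub(r"/{2,}", "/", unquote(parts.path)).rstrip("/").lower()
    if path != STOP_PATH:
        return False
    subsystems = parse_qs(parts.query).get("subsystem", [])
    return any(v.strip().lower() == "elasticsearch" for v in subsystems)


def find_es_stop_calls(lines):
    """Return (timestamp, client_ip, status) for each matching log line.

    The HTTP status is reported but never used as a filter: per the advisory,
    the service stops even when the API response reports a failure.
    """
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if m and is_es_stop_request(m["target"]):
            hits.append((m["ts"], m["ip"], int(m["status"])))
    return hits


# Constructed sample log lines (documentation IP ranges, placeholder tokens).
SAMPLE_LOG = [
    '192.0.2.10 - - [07/Oct/2025:10:01:02 +0000] "GET /nagioslogserver/index.php/dashboard HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [07/Oct/2025:10:03:15 +0000] "GET /nagioslogserver/index.php/api/system/stop?subsystem=elasticsearch&token=CONSTRUCTED HTTP/1.1" 200 87 "-" "curl/8.5.0"',
    '198.51.100.7 - - [07/Oct/2025:10:04:40 +0000] "GET /nagioslogserver/index.php/api/system/%73top?token=CONSTRUCTED&subsystem=Elastic%73earch HTTP/1.1" 500 87 "-" "curl/8.5.0"',
    '192.0.2.10 - - [07/Oct/2025:10:05:00 +0000] "GET /nagioslogserver/index.php/api/system/stop?subsystem=other HTTP/1.1" 200 87 "-" "curl/8.5.0"',
]

if __name__ == "__main__":
    for ts, ip, status in find_es_stop_calls(SAMPLE_LOG):
        print(f"{ts} {ip} status={status} system/stop?subsystem=elasticsearch")
```

Any hit on an installation before 2024R1.3.2 is worth correlating with Elasticsearch service state at the same timestamp, since the API response is not a reliable indicator of whether the stop succeeded.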
Weakness Type
What is an AuthZ Vulnerability?
The software performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.
CVE-2025-44824 has been classified as an AuthZ vulnerability or weakness.
Products Associated with CVE-2025-44824
Affected Versions
Nagios Log Server: Before 2024R1.3.2 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.