Platform
nagios
Component
nagios-xi
Fixed in
2024R1.2
CVE-2024-14004 describes a privilege escalation vulnerability discovered in Nagios XI. This flaw allows authenticated users to potentially gain elevated privileges on the Nagios XI system by manipulating NagVis configuration data within the nagvis.conf file. The vulnerability affects versions prior to 2024R1.2, and a fix is available in version 2024R1.2.
Successful exploitation of CVE-2024-14004 could allow an attacker to gain root or administrator-level access to the Nagios XI server. This could lead to complete system compromise, including data breaches, modification of system configurations, and installation of malicious software. The attacker would need to be an authenticated user within the Nagios XI environment to exploit this vulnerability, but the impact of a successful attack is significant. The ability to manipulate NagVis configuration provides a relatively straightforward attack vector if an attacker can gain initial access.
CVE-2024-14004 was publicly disclosed on 2025-10-30. The vulnerability's ease of exploitation, combined with Nagios XI's widespread use in monitoring environments, suggests a potential for active exploitation. There are currently no publicly available proof-of-concept exploits, but the vulnerability is not considered complex to exploit. It has not been added to the CISA KEV catalog as of this writing.
Exploit Status
EPSS
0.10% (27% percentile)
CISA SSVC
The primary mitigation for CVE-2024-14004 is to upgrade Nagios XI to version 2024R1.2 or later. If an immediate upgrade is not possible, review and restrict access to the nagvis.conf file, ensuring only authorized users can modify it. Implement strict input validation on all NagVis configuration parameters to prevent malicious data from being injected. Consider using a Web Application Firewall (WAF) to filter potentially malicious requests targeting NagVis configuration endpoints. After upgrading, confirm the fix by attempting to manipulate NagVis configuration as a standard authenticated user; the changes should be rejected.
Actualice Nagios XI a la versión 2024R1.2 o posterior. Esta actualización corrige la vulnerabilidad de escalada de privilegios relacionada con la configuración de NagVis. Consulte el registro de cambios de Nagios XI para obtener más detalles sobre la actualización.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2024-14004 is a vulnerability in Nagios XI versions prior to 2024R1.2 that allows authenticated users to potentially gain elevated privileges by manipulating NagVis configuration data.
You are affected if you are running Nagios XI versions 0–2024R1.2. Upgrade to version 2024R1.2 or later to mitigate the vulnerability.
Upgrade Nagios XI to version 2024R1.2 or later. As a temporary workaround, restrict access to the nagvis.conf file and implement strict input validation.
While no public exploits are currently available, the vulnerability's ease of exploitation suggests a potential for active exploitation.
Refer to the official Nagios XI security advisory for detailed information and instructions: [https://support.nagios.com/kb/article/137379/nagios-xi-security-vulnerability-cve-2024-14004/]
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.