Security Advisory

CVE-2024-13999

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-30 21:28:50
Last updated 2025-11-17 18:14:56
Assigner VulnCheck
State PUBLISHED

Description

Nagios XI versions prior to 2024R1.1.3, under certain circumstances, disclose the servers Active Directory (AD) or LDAP authentication token to an authenticated user. Exposure of the server’s AD/LDAP token could allow domain-wide authentication misuse, escalation of privileges, or further compromise of network-integrated systems.