Security Advisory
CVE-2024-13999
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Nagios XI versions prior to 2024R1.1.3, under certain circumstances, disclose the servers Active Directory (AD) or LDAP authentication token to an authenticated user. Exposure of the server’s AD/LDAP token could allow domain-wide authentication misuse, escalation of privileges, or further compromise of network-integrated systems.