2025-10-30 21:28:50
VulnCheck
PUBLISHED
Nagios XI versions prior to 2024R1.1.3, under certain circumstances, disclose the servers Active Directory (AD) or LDAP authentication token to an authenticated user. Exposure of the server’s AD/LDAP token could allow domain-wide authentication misuse, escalation of privileges, or further compromise of network-integrated systems.