CVE-2023-7322
Published: 30 October 2025
Summary
CVE-2023-7322 is a high-severity Incorrect Authorization (CWE-863) vulnerability in Nagios Log Server. Its CVSS base score is 8.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE is ranked at the 47.2nd percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-24 (Access Control Decisions) and AC-3 (Access Enforcement).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- AC-3 (Access Enforcement): requires enforcement of approved authorizations for access to system resources such as API endpoints, directly preventing non-privileged users from invoking unauthorized actions.
- AC-24 (Access Control Decisions): mandates making correct access control decisions for system resources based on policies and roles, addressing the inadequate authorization checks that allowed improper API access.
- AC-6 (Least Privilege): limits user privileges to only the access that is necessary, reducing the impact of authorization flaws by minimizing the scope of potential unauthorized data access or modification.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Incorrect authorization (CWE-863) enables low-privileged authenticated users to invoke restricted API endpoints, gaining unauthorized access to data and execution of actions, mapping directly to exploitation for privilege escalation.
NVD Description
Nagios Log Server versions prior to 2024R1 contain an incorrect authorization vulnerability. Users who lacked the required API permission were nevertheless able to invoke API endpoints, resulting in unintended access to data and actions exposed via the API. This incorrect authorization check could allow authenticated but non-privileged users to read or modify resources beyond their intended rights.
Deeper analysis
CVE-2023-7322 is an incorrect authorization vulnerability (CWE-863) in Nagios Log Server versions prior to 2024R1. The flaw stems from inadequate checks that allow users without required API permissions to invoke API endpoints anyway, enabling unintended access to data and execution of actions exposed through the API. This permits authenticated but non-privileged users to read or modify resources beyond their designated rights.
The vulnerability can be exploited by an authenticated attacker with low privileges over the network, requiring low attack complexity and no user interaction. Successful exploitation grants high confidentiality and integrity impacts, such as unauthorized data access or modification, with no availability disruption. The CVSS v3.1 base score is 8.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).
Advisories from Nagios and VulnCheck recommend upgrading to Nagios Log Server 2024R1 to address the authorization flaw, as detailed in the official changelog and in the VulnCheck advisory on the incorrect authorization check granting full API access.
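The two sections above describe the same defect from two sides: the flaw is an endpoint gate that confirms a user is logged in but never checks the permission the endpoint requires (CWE-863), and the controls that close it are a central access decision (AC-24) enforced before any handler runs (AC-3). The following is an added illustration of that pattern, not Nagios Log Server code; the endpoint paths, permission names, users and handler outputs are constructed for the example.

```python
"""
Hypothetical API authorization gate illustrating the CWE-863 pattern
(authentication-only check) beside its corrected form (per-endpoint
permission enforcement). Added example; not Nagios Log Server code.
All endpoint names, permission names and users are constructed.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class User:
    name: str
    authenticated: bool
    permissions: frozenset = frozenset()


# Constructed policy: endpoint -> permission it requires (the AC-24 decision
# table). Every exposed endpoint must be listed; an unlisted endpoint is denied.
REQUIRED_PERMISSION = {
    "GET /api/logs": "api.read",
    "DELETE /api/logs": "api.write",
    "POST /api/users": "admin",
}

# Constructed back-end handlers; the return value is what the API would expose.
HANDLERS = {
    "GET /api/logs": lambda: ["log line 1", "log line 2"],
    "DELETE /api/logs": lambda: "logs purged",
    "POST /api/users": lambda: "user created",
}

# Refusals recorded by the hardened gate, so denied calls can feed detection.
DENIED_REQUESTS = []


class Forbidden(Exception):
    pass


def vulnerable_dispatch(user, endpoint):
    """The CWE-863 pattern: only authentication is checked, so any logged-in
    user reaches any endpoint regardless of the permission it requires."""
    if not user.authenticated:
        raise Forbidden("login required")
    return HANDLERS[endpoint]()


def is_authorized(user, endpoint):
    """Access control decision (AC-24): deny unless the endpoint is known
    and the user holds the permission the policy table requires."""
    if not user.authenticated:
        return False
    required = REQUIRED_PERMISSION.get(endpoint)
    if required is None:  # unknown endpoint: fail closed rather than open
        return False
    return required in user.permissions


def hardened_dispatch(user, endpoint):
    """Access enforcement (AC-3): the decision runs before any handler does,
    and every refusal is recorded for audit."""
    if not is_authorized(user, endpoint):
        DENIED_REQUESTS.append((user.name, endpoint))
        raise Forbidden(f"{user.name} lacks permission for {endpoint}")
    return HANDLERS[endpoint]()


def compare(user, endpoint):
    """Run both gates on the same request and return
    (vulnerable_result, hardened_result); 'DENIED' marks a refusal."""
    def run(gate):
        try:
            return gate(user, endpoint)
        except Forbidden:
            return "DENIED"
    return run(vulnerable_dispatch), run(hardened_dispatch)


if __name__ == "__main__":
    # A read-only user: the vulnerable gate lets it purge logs and create
    # users; the hardened gate allows only the read endpoint.
    viewer = User("viewer", True, frozenset({"api.read"}))
    for ep in REQUIRED_PERMISSION:
        print(ep, compare(viewer, ep))
    print("denied:", DENIED_REQUESTS)
```

The fail-closed default in is_authorized is the part worth copying: an endpoint that is missing from the policy table is refused, so a newly added API route cannot silently inherit the "any authenticated user" behaviour this CVE describes.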
Details
- CWE(s): CWE-863 (Incorrect Authorization)