Primary

Context

N-able N-central Syslog Configuration Vulnerability Allowing Unauthorized Access and Modification

Vulnerability

Patched

A vulnerability exists in N-able N-central in all versions prior to 2025.2, allowing any authenticated user to read, write, and modify syslog configurations across different customers on the same N-central server. This issue arises from improper access controls, enabling unauthorized changes to syslog settings, which could lead to misconfigured log exports and potential oversight of critical audit events.

Impact

Exploitation of this vulnerability could result in unauthorized access to syslog configurations, allowing for improper log management and potential loss of important audit trails.

Remediation

Users are advised to upgrade to N-able N-central version 2025.2 or later, which addresses this vulnerability. Instructions for upgrading N-central can be found in the N-able N-central Upgrade Guide.

Added: Aug 21, 2025, 6:16 PM

Updated: Aug 21, 2025, 6:16 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

1.3

exploitability

4.9

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

1.3

exploitability

4.9

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

N-able N-central Syslog Configuration Vulnerability Allowing Unauthorized Access and Modification

Vulnerability

Impact

Remediation

Affected Products

N-able N-central

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating