+3I cant find much about the CVE or the Vulnerability and I am unsure how to handle it.
Out OpenVAS is reporting a RCE for centreon-web with a WontFix. Is it fixed? Will it be fixed? How to handle it?
The Vulnerability is described in this PDF: https://www.synacktiv.com/sites/default/files/2021-07/Centreon_Multiple_vulnerabilities_0.pdf
But the named CVE cant be found andywhere.
I’d say that this detection is a false positive. I found the list of reports made by this company at Avis de sécurité if i’m not mistaken the report that it is mentionning is related to issues from 2021 with versions not supported since a long time (Multiple vulnerabilities in Centreon < 20.04.13, 20.10.7 & 21.04.2)
As per your report you are using the version 24.10.16 so you are most likely not impacted by the CVE, no matter what it is.
But just in case i would contact Synacktiv directly to ask them about it.
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
