CVE-2024-45755 - Centreon DSM - High severity

Publication date: November 22, 2024

Component: centreon-dsm-server (on central server).

Feature: Manage DSM slots

Description: SQLi in the form to configure Centreon DSM slots, only accessible to authenticated users with high privilege access.

Reference: CVE-2024-45755

CVSS: 7.2 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Severity: HIGH

Status: Fixes have been provided for all supported versions and it is recommended to update Centreon Central server:

Centreon DSM 24.10.0
Centreon DSM 24.04.3
Centreon DSM 23.10.1
Centreon DSM 23.04.3
Centreon DSM 22.10.2

These versions include cumulative fixes from prior updates.

Reporter: Matthew Taylor, Ludovic Tavernier and Rémi Millerand from Algosecure

Submission: Aug 30, 2024

Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date.

Be the first to reply!

Reply

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded