An audit has identified security vulnerabilities in Centreon Web.
Centreon is unaware of situations where these could have been exploited.
If an instance of Centreon Web is exposed on Internet, these vulnerabilities have a high likelihood of being exploited and have a severe impact if exploited which results in a high risk.
CVE registration: CVE-2024-32501, CVE-2024-33852, CVE-2024-33853, CVE-2024-33854, CVE-2024-5725, CVE-2024-39841
It is therefore highly recommended to apply the provided product updates as early as possible.
Who is impacted?
- All Centreon on-premise platform versions are vulnerable.
- Centreon Cloud platforms have already been updated.
Applying the fix
Fixes have been provided for all supported versions and it is recommended to update Centreon Web:
These versions include cumulative fixes from prior updates.
If you are running an unsupported version, it is strongly recommended that you upgrade your platform to 24.04.