Security fixes in Centreon Web
Submission: June 21, 2024
Publication date: September 17, 2024
Severity: HIGH
Feature: Editing of contacts / users
Component: centreon-web
Fixed in: versions 22.10.24, 23.04.21, 23.10.16 and 24.04.6
CVE-2024-39843: SQL injections (SQLi) in the contacts form, only accessible to authenticated users with high-privilege access.
Reporter: Trend Micro
Impact: (CVSS + Path) 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Description: SQL injection vulnerabilities have been fixed in the contacts form. These vulnerabilities were exploitable by authenticated users with high-privilege access.
Reference: CVE-2024-39843
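
The following check is an added example, not part of the original advisory or Centreon's own tooling: it compares installed centreon-web versions against the fix releases listed in the "Fixed in" line and sorts hosts into fixed, needing an update, or on a branch the advisory does not cover. The function names, the host inventory, and the tolerance for a package release suffix are assumptions made for illustration.

```python
import re

# Fix release per maintenance branch, copied from the "Fixed in" line above:
# 22.10.24, 23.04.21, 23.10.16 and 24.04.6.
FIXED_PATCH = {(22, 10): 24, (23, 4): 21, (23, 10): 16, (24, 4): 6}

# Leading "major.minor.patch"; anything after it (for example a package
# release suffix) is ignored. Tolerating a suffix is an assumption.
_VERSION = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)")


def fix_status(version):
    """Classify one centreon-web version string against CVE-2024-39843."""
    m = _VERSION.match(version)
    if m is None:
        return "unknown"  # not a recognisable version string
    major, minor, patch = map(int, m.groups())
    fixed = FIXED_PATCH.get((major, minor))
    if fixed is None:
        return "unknown"  # the advisory names no fix release for this branch
    # Compare numerically: as strings, "9" would sort after "24".
    return "fixed" if patch >= fixed else "needs_update"


def triage(inventory):
    """Group hosts (name -> version string) by fix status, hosts sorted by name."""
    report = {"fixed": [], "needs_update": [], "unknown": []}
    for host, version in sorted(inventory.items()):
        report[fix_status(version)].append(host)
    return report


# Constructed inventory: host names and versions are made up for the example.
SAMPLE_INVENTORY = {
    "central-a": "23.10.15",
    "central-b": "23.04.21-1.el8",
    "central-c": "22.10.9",
    "central-d": "24.04.6",
    "central-e": "24.10.1",
}

if __name__ == "__main__":
    for state, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{state}: {', '.join(hosts) or '-'}")
```

Hosts reported as "unknown" are on a branch this advisory does not list and need to be checked against other Centreon release notes.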