Skip to main content

Security Bulletins

Stay informed with the latest Centreon security bulletins to safeguard your infrastructure effectively.

35 Topics
rchauvel
Centreonian
rchauvelCentreonian
published in Latest Security Bulletins
Centreon Gorgone all versions - CRITICAL severitySecurity Bulletin

Publication date: August 11th, 2025Components: centreon-gorgoneDescription: Command whitelist is too permissive for auto-discovery and could be exploited by a user with priviledges on the Centreon UI to remotely control a target.Reference: N/ACVSS: 9.1 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)Severity: Critical Status: Fixes have been provided for all supported versions and it is recommended to update Centreon Gorgone and add parameter "no_shell_interpretation" to Gorgone configuration as documented.Centreon Gorgone 24.10.7 Centreon Gorgone 24.04.10 Centreon Gorgone 23.10.14These versions include cumulative fixes from prior updates. Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date.    

1380
rchauvel
Centreonian
rchauvel
Centreonian
rchauvelCentreonian
published in Latest Security Bulletins
Centreon License Manager all versions - HIGH severitySecurity Bulletin

Publication date: August 7th, 2025Components: centreon-license-managerDescription: The DOMPurify dependency is vulnerable to Prototype Pollution. The vulnerability is due to insufficient sanitization, allowing attackers to manipulate the prototype of JavaScript objects, potentially leading to unexpected behavior or security issues.Reference:N/ACVSS: 8.6 Severity: High Status: Fixes have been provided for all supported versions and it is recommended to update Centreon License Manager:Centreon License Manager 24.10.3 Centreon License Manager 24.04.5 Centreon License Manager 23.10.6These versions include cumulative fixes from prior updates. Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date.  

2340
rchauvel
Centreonian
rchauvel
Centreonian
rchauvelCentreonian
published in Latest Security Bulletins
CVE-2025-4650 - Centreon Web all versions - HIGH severitySecurity Bulletin

 Publication date: August 7th, 2025Components: centreon-webDescription: User with high privileges is able to introduce a SQLi using the Meta Service indicator pageReference: CVE-2025-4650CVSS: 7.2 Severity: High Status: Fixes have been provided for all supported versions and it is recommended to update Centreon Web:Centreon 24.10.9 Centreon 24.04.16 Centreon 23.10.26These versions include cumulative fixes from prior updates. Reporter: SpawnZii for YesWeHackSubmission: March 26, 2025 Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date. 

2090
rchauvel
Centreonian
rchauvel
Centreonian
rchauvelCentreonian
published in Latest Security Bulletins
CVE-2025-6791 - Centreon Web all versions - HIGH severitySecurity Bulletin

Publication date: August 7th, 2025Components: centreon-webDescription: Second-order SQL injection detected in event logs, exploitable via a low-privileged user.Reference: CVE-2025-6791CVSS: 8.6 Severity: High Status: Fixes have been provided for all supported versions and it is recommended to update Centreon Web:Centreon 24.10.9 Centreon 24.04.16 Centreon 23.10.26These versions include cumulative fixes from prior updates. Reporter: SpawnZii for YesWeHackSubmission: June 22, 2025 Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date. 

2150
rchauvel
Centreonian
rchauvel
Centreonian
rchauvelCentreonian
published in Latest Security Bulletins
Centreon Web all versions - HIGH severitySecurity Bulletin

Publication date: August 7th, 2025Components: centreon-webDescription: Configuration forms and associated scripts have fields that are not protected against badly formatted parameters:Notification escalation pages Contact templates Host category Host configurationReference:N/ACVSS: 7.2 Severity: High Status: Fixes have been provided for all supported versions and it is recommended to update Centreon Web:Centreon 24.10.9 Centreon 24.04.16 Centreon 23.10.26These versions include cumulative fixes from prior updates. Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date. 

1990
rchauvel
Centreonian
Laurent
Centreonian
LaurentCentreonian
published in Latest Security Bulletins
CVE-2025-24813 - Centreon Map all version - CRITICAL severitySecurity Bulletin

Publication date: June 24, 2025Components: centreon-map-engine or centreon-map-legacy (on map server) Description: Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, from 9.0.0.M1 through 9.0.98. If all of the following were true, a malicious user was able to view security sensitive files and/or inject content into those files: - writes enabled for the default servlet (disabled by default) - support for partial PUT (enabled by default) - a target URL for security sensitive uploads that was a sub-directory of a target URL for public uploads - attacker knowledge of the names of security sensitive files being uploaded - the security sensitive files also being uploaded via partial PUT If all of the following were true, a malicious user was

2910
Laurent
Centreonian
Laurent
Centreonian
LaurentCentreonian
published in Latest Security Bulletins
CVE-2022-46337 - Centreon MBI - Critical severitySecurity Bulletin

Publication date: June 10, 2025Component: centreon-bi-engineFeature: CBIS Engine Description:Apache derby has been upgrade to the 10.17.1.0 on the 24.04, 24.10 and develop branches in January 2024.But this was not not the case on the 23.10 and 23.04 version. Reference: CVE-2022-46337CVSS:  9.8Severity: CRITICAL Status: Fixes have been provided for all supported versions and it is recommended to update Centreon MBI server:Centreon MBI Engine 23.10.12 Centreon MBI Engine 23.04.23These versions include cumulative fixes from prior updates. Reporter: N/ASubmission: April 09, 2025Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date.

2130
Laurent
Centreonian
Laurent
Centreonian
LaurentCentreonian
published in Latest Security Bulletins
CVE-2025-4649 - Centreon Web - Medium severitysecurity bulletin

Publication date: March 14, 2025Component: centreon-webFeature:Event logs page Description: ACL are not correctly taken into account in the display of the "event logs" page. This page requiring, high privileges, will display all available logs. Reference: CVE-2025-4649CVSS:  4.9 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N Severity: MEDIUM Status: Fixes have been provided for all supported versions and it is recommended to update Centreon Central:Centreon 24.10.4 Centreon 24.04.10 Centreon 23.10.21 Centreon 23.04.26These versions include cumulative fixes from prior updates. Reporter: Benoit PouletSubmission: Feb 03, 2025Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date.

940
Laurent
Centreonian
Laurent
Centreonian
LaurentCentreonian
published in Latest Security Bulletins
Updated - CVE-2023-28447 - Centreon - High severitysecurity bulletin

Publication date: May 12, 2025Components: centreon-web, centreon-open-tickets & centreon-mbi-server.Feature: Open Tickets and Reporting (MBI) Update: Last March, we published a security bulletin advising you to update your Centreon central server. However, we did not make all module packages available. If you are using Centreon version 23.04.x ​​or 23.10.x, and if you use the ticket creation (Open Tickets) or reports generation (Centreon MBI) features, you must update your Centreon central server as well as these modules. Description: Smarty is a template engine for PHP. In affected versions smarty did not properly escape javascript code. An attacker could exploit this vulnerability to execute arbitrary JavaScript code in the context of the user's browser session. This may lead to unauthorized access to sensitive user data, manipulation of the web application's behavior, or unauthorized actions performed on behalf of the user. Upgrade to either version 3.1.48.1 Reference: CVE-2024-

1960
Laurent
Centreonian
Laurent
Centreonian
LaurentCentreonian
published in Latest Security Bulletins
CVE-2023-28447 - Centreon - High severitysecurity bulletin

Publication date: March 12, 2025Update: May, 12, 2025Components: centreon-web and all modules.Feature: All legacy pages Description: Smarty is a template engine for PHP. In affected versions smarty did not properly escape javascript code. An attacker could exploit this vulnerability to execute arbitrary JavaScript code in the context of the user's browser session. This may lead to unauthorized access to sensitive user data, manipulation of the web application's behavior, or unauthorized actions performed on behalf of the user. Upgrade to either version 3.1.48.1 Reference: CVE-2024-55573CVSS:  7.1 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L Severity: HIGH Status: Fixes have been provided for all supported versions and it is recommended to update Centreon Central, Centreon Map and Centreon MBI servers:Centreon 23.10.x (centreon-web-23.10.22 and modules). Centreon 23.04.x (centreon-web-23.04.27 and modules)These versions include cumulative fixes from prior updates.Centreon 24.10.x and

3452
Laurent
Centreonian
Laurent
Centreonian
LaurentCentreonian
published in Latest Security Bulletins
Centreon Map - Critical severitysecurity bulletin

  Publication date: Mai 12, 2025Component: centreon-map-engine On Centreon Map server.Feature: Graphical views (maps) Description: Upgraded spring security web dependency to version 6.2.8. Reference: N/ACVSS:  9.1Severity: CRITICAL Status: Fixes have been provided for all supported versions and it is recommended to update Centreon Map server:Centreon Map 24.10.5 Centreon Map 24.04.11 Centreon Map 23.10.19 Centreon Map 23.04.23These versions include cumulative fixes from prior updates. Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date.

2370
Laurent
Centreonian
Laurent
Centreonian
LaurentCentreonian
published in Latest Security Bulletins
CVE-2022-46337 - Centreon MBI - Critical severitysecurity bulletin

Publication date: May 12, 2025Components: centreon-mbi-server on Centreon central server Description: Upgraded Apache Derby to version 10.17.1.0.Reference: CVE-2022-46337CVSS: 9.8Severity: Critical Status: Vulnerability has been already fixed for Centreon MBI 24.04.0 and 24.10.0 versions. Fixes have been backported for following versions and it is recommended to update Centreon central server:Centreon MBI 24.10.22 Centreon MBI 23.04.23These versions include cumulative fixes from prior updates. Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date.

1950
Laurent
Centreonian
Laurent
Centreonian
LaurentCentreonian
published in Latest Security Bulletins
CVE-2024-46924/CVE-2025-3767 - Centreon BAM - High severitysecurity bulletin

Publication date: March 10th, 2025Component: centreon-bam-server (on central server)Feature: Boolean KPI listing Description: SQLi in the listing of Boolean KPI, only accessible to authenticated users with high privilege access. Reference: CVE-2025-3767 (previously CVE-2024-46924)CVSS:  7.2 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Severity: HIGH Status: Fixes have been provided for all supported versions and it is recommended to update Centreon Central server:centreon-bam-server 24.10.1 centreon-bam-server 24.04.5 centreon-bam-server 23.10.10 centreon-bam-server 23.04.10These versions include cumulative fixes from prior updates. Reporter: Matthew Taylor, Ludovic Tavernier and Remi Millerand from AlgosecureSubmission: August 30, 2024 Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date.

3881
Laurent
Centreonian
Laurent
Centreonian
LaurentCentreonian
published in Latest Security Bulletins
CVE-2024-55571/CVE-2025-3872 - Centreon Web - High severitySecurity bulletin

Publication date: March 17, 2025Component: centreon-web.Feature: User / Contact form Description: User with high privileges is able to become administrator by intercepting a request and altering the payload Reference: CVE-2025-3872  (replace CVE-2024-55571)CVSS:  7.2 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Severity: HIGH Status: Fixes have been provided for all supported versions and it is recommended to update Centreon Central server:Centreon Web 24.10.4 Centreon Web 24.04.10 Centreon Web 23.10.20 Centreon Web 23.04.25These versions include cumulative fixes from prior updates. Reporter: Floerer for YesWeHackSubmission: November 25, 2024 Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date.

5720
Laurent
Centreonian
Laurent
Centreonian
LaurentCentreonian
published in Latest Security Bulletins
CVE-2024-35226 - Centreon - High severitysecurity bulletin

Publication date: March 12, 2025Component: centreon-web and all modules.Feature: All legacy pages Description: smarty/smarty is vulnerable to code injection. The vulnerability is due to insufficient validation of file names used in the `extends-tag`. This allows attackers to inject PHP code by choosing a malicious file name for an `extends-tag`. Reference: CVE-2024-35226CVSS:  7.3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N Severity: HIGH Status: Fixes have been provided for all supported versions and it is recommended to update Centreon Central, Centreon Map and Centreon MBI servers:Centreon 24.10.x Centreon 24.04.x Centreon 23.10.x Centreon 23.04.xThese versions include cumulative fixes from prior updates. Reporter: N/ASubmission: November 28, 2024 Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date.

1910
Laurent
Centreonian
Laurent
Centreonian
LaurentCentreonian
published in Latest Security Bulletins
CVE-2025-4647/CVE-2024-55574 - Centreon Web - High severitysecurity bulletin

Publication date: March 12, 2025Component: centreon-web (on central server).Feature: Media upload Description: A user with elevated privileges can bypass sanitization measures by replacing the content of an existing SVG. Reference: CVE-2025-4647 (replace CVE-2024-55574)CVSS:  8.4 - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H Severity: HIGH Status: Fixes have been provided for all supported versions and it is recommended to update Centreon Central server:Centreon Web 24.10.5 Centreon Web 24.04.11 Centreon Web 23.10.22 Centreon Web 23.04.27These versions include cumulative fixes from prior updates. Reporter: SpawnZii working with YesWeHackSubmission: November 27, 2024 Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date.

2870
Laurent
Centreonian
Laurent
Centreonian
LaurentCentreonian
published in Latest Security Bulletins
CVE-2025-4648/CVE-2024-55575 - Centreon Web - High severitysecurity bulletin

Publication date: March 12, 2025Component: centreon-web (on central server).Feature: Media upload Description: A user with elevated privileges can inject XSS by altering the content of a SVG media during the submit request. Reference: CVE-2024-55575CVSS:  8.4 - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H Severity: HIGH Status: Fixes have been provided for all supported versions and it is recommended to update Centreon Central server:Centreon Web 24.10.5 Centreon Web 24.04.11 Centreon Web 23.10.22 Centreon Web 23.04.27These versions include cumulative fixes from prior updates. Reporter: SpawnZii working with YesWeHackSubmission: November 27, 2024 Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date.

3230
Laurent
Centreonian
Laurent
Centreonian
LaurentCentreonian
published in Latest Security Bulletins
CVE-2025-4646/CVE-2024-55572 - Centreon Web - HIGH severitysecurity bulletin

  Publication date: March 10th, 2025Component: centreon-web (on central server).Feature: API Token Description: On the API token page a user with high privilege is able to create an API token for an admin owner and copy this token's value. Reference:  CVE-2025-4646 (replace CVE-2024-55572)CVSS:  7.2 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Severity: HIGH Status: Fixes have been provided for all supported versions having this feature and it is recommended to update Centreon Central server:Centreon Web 24.10.4 Centreon Web 24.04.10These versions include cumulative fixes from prior updates. Reporter: Floerer from YesWeHackSubmission: November 25, 2024 Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date.

2970
Laurent
Centreonian
Laurent
Centreonian
LaurentCentreonian
published in Latest Security Bulletins
Centreon Map - Critical severitysecurity bulletin

Publication date: February 17, 2025Components: centreon-map-engine (on map server), centreon-map-web-client (on central server) Description: Security fixes have been madeRemoved commons-logging (including Log4j). CVSS 9.8 Upgraded Apache Tomcat version. CVSS 9.8 Upgraded DOM purify. CVSS 8.3  Reference: N/ASeverity: Critical Status: Fixes have been provided for all supported versions and it is recommended to update both Centreon Central server and Centreon Map server:Centreon Map 24.10.3 Centreon Map 24.04.9 Centreon Map Legacy 24.04.9 Centreon Map 23.10.17 Centreon Map Legacy 23.10.17 Centreon Map 23.04.22 Centreon Map Legacy 23.04.22These versions include cumulative fixes from prior updates. Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date.

2205
C
Laurent
Centreonian
LaurentCentreonian
published in Latest Security Bulletins
Centreon Web - medium severitySecurity bulletin

Publication date: February 10, 2025Component: centreon-web (on central server).Feature: Event Logs page Description: ACL are not correctly taken into account in the display of the "event logs" page. This page requiring, high privileges, will display all available logs. Reference: To Be DefinedCVSS:  4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NSeverity: Medium Status: Fixes have been provided for all supported versions and it is recommended to update Centreon Central server:Centreon Web 24.10.4 Centreon Web 24.04.10 Centreon Web 23.10.21 Centreon Web 23.04.26These versions include cumulative fixes from prior updates. Reporter: Benoit PouletSubmission: February 3rd, 2025Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date.

2630
Laurent
Centreonian
Laurent
Centreonian
LaurentCentreonian
published in Latest Security Bulletins
CVE-2024-55573 - Centreon Web - Critical severitysecurity bulletin

Publication date: January 3rd, 2025Component: centreon-web (on central server).Feature: Virtual metrics settings Description: SQLi in the form used to create virtual metrics in centreon-web, only accessible to authenticated users with high privilege access and rights to create a virtual metric. Reference: CVE-2024-55573CVSS:  9.1 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H Severity: CRITICAL Status: Fixes have been provided for all supported versions and it is recommended to update Centreon Central server:Centreon Web 24.10.3 Centreon Web 24.04.9 Centreon Web 23.10.19 Centreon Web 23.04.24These versions include cumulative fixes from prior updates. Reporter: SpawnZii for YesWeHackSubmission: November 25, 2024 Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date.

9711
dagabard
Laurent
Centreonian
LaurentCentreonian
published in Latest Security Bulletins
CVE-2024-53923 - Centreon Web - Critical severitysecurity bulletin

Publication date: January 3rd, 2025Component: centreon-web (on central server).Feature: Upload of medias Description: SQLi in the form to upload media in centreon-web, only accessible to authenticated users with high privilege access (access to administration pages). Reference: CVE-2024-53923CVSS:  9.1 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H Severity: CRITICAL Status: Fixes have been provided for all supported versions and it is recommended to update Centreon Central server:Centreon Web 24.10.3 Centreon Web 24.04.9 Centreon Web 23.10.19 Centreon Web 23.04.24These versions include cumulative fixes from prior updates. Reporter: SpawnZii for YesWeHackSubmission: November 21, 2024 Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date.

4930
Laurent
Centreonian
Laurent
Centreonian
LaurentCentreonian
published in Latest Security Bulletins
CVE-2024-45757 - Centreon BAM - High severitysecurity bulletin

Publication date: December 3rd, 2024Component: centreon-bam-server (on central server).Feature: Manage user settings Description: SQLi in the user settings form, only accessible to authenticated users with high privilege access. Reference: CVE-2024-45757CVSS:  7.2 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Severity: HIGH Status: Fixes have been provided for all supported versions and it is recommended to update Centreon Central server:Centreon BAM 24.10.0 Centreon BAM 24.04.4 Centreon BAM 23.10.9 Centreon BAM 23.04.9These versions include cumulative fixes from prior updates. Reporter: Matthew Taylor, Ludovic Tavernier and Rémi Millerand from AlgosecureSubmission: Aug 30, 2024 Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date. 

5670
Laurent
Centreonian
Laurent
Centreonian
LaurentCentreonian
published in Latest Security Bulletins
CVE-2024-45755 - Centreon DSM - High severitysecurity bulletin

Publication date: November 22, 2024Component: centreon-dsm-server (on central server).Feature: Manage DSM slots Description: SQLi in the form to configure Centreon DSM slots, only accessible to authenticated users with high privilege access. Reference: CVE-2024-45755CVSS:  7.2 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Severity: HIGH Status: Fixes have been provided for all supported versions and it is recommended to update Centreon Central server:Centreon DSM 24.10.0 Centreon DSM 24.04.3 Centreon DSM 23.10.1 Centreon DSM 23.04.3 Centreon DSM 22.10.2These versions include cumulative fixes from prior updates. Reporter: Matthew Taylor, Ludovic Tavernier and Rémi Millerand from AlgosecureSubmission: Aug 30, 2024 Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date.

6980
Laurent
Centreonian
Laurent
Centreonian
LaurentCentreonian
published in Latest Security Bulletins
CVE-2024-45756 - Centreon Open Tickets - High severitysecurity bulletin

Publication date: November 22, 2024Component: centreon-open-tickets (on central server).Feature: Open Tickets into ITSM tool from Centreon Description: SQLi in the form to create a ticket, only accessible to authenticated users with high privilege access. Reference: CVE-2024-45756CVSS:  7.2 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Severity: HIGH Status: Fixes have been provided for all supported versions and it is recommended to update Centreon Central server:Centreon Open Tickets 24.10.0 Centreon Open Tickets 24.04.2 Centreon Open Tickets 23.10.1 Centreon Open Tickets 23.04.4 Centreon Open Tickets 22.10.4These versions include cumulative fixes from prior updates.👉 Important note: to ensure you do not lose any customization that might have been done to your OpenTicket provider, please make sure to:Take a backup of these folders: /usr/share/centreon/www/modules/centreon-open-tickets and /usr/share/centreon/www/widgets/open-tickets Apply the patch Copy the backed up register.php f

5050
Laurent
Centreonian

Badge winners

  • Social Expert
    Fab G.has earned the badge Social Expert
  • Five Topics Created
    Fab G.has earned the badge Five Topics Created
  • First Topic Created
    GeoCD40has earned the badge First Topic Created
  • Five Replies
    Anthohas earned the badge Five Replies
  • First Wish Posted
    ndubosthas earned the badge First Wish Posted
Show all badges
Terms & ConditionsCookie settings