Vulnerabilities > Centreon

DATE CVE VULNERABILITY TITLE RISK
2020-04-06 CVE-2019-19699 Improper Privilege Management vulnerability in Centreon
There is Authenticated remote code execution in Centreon Infrastructure Monitoring Software through 19.10 via Pollers misconfiguration, leading to system compromise via apache crontab misconfiguration, This allows the apache user to modify an executable file executed by root at 22:30 every day.
network
low complexity
centreon CWE-269
critical
 9.0
9.0
2020-03-20 CVE-2019-19487 OS Command Injection vulnerability in Centreon
Command Injection in minPlayCommand.php in Centreon (19.04.4 and below) allows an attacker to achieve command injection via a plugin test.
network
low complexity
centreon CWE-78
8.8
8.8
2020-03-20 CVE-2019-19486 Path Traversal vulnerability in Centreon
Local File Inclusion in minPlayCommand.php in Centreon (19.04.4 and below) allows an attacker to traverse paths via a plugin test.
network
low complexity
centreon CWE-22
6.5
6.5
2020-03-20 CVE-2019-19484 Open Redirect vulnerability in Centreon
Open redirect via parameter ‘p’ in login.php in Centreon (19.04.4 and below) allows an attacker to craft a payload and execute unintended behavior.
network
low complexity
centreon CWE-601
6.1
6.1
2020-03-05 CVE-2019-17647 SQL Injection vulnerability in Centreon
An issue was discovered in Centreon before 2.8.30, 18.10.8, 19.04.5, and 19.10.2.
network
low complexity
centreon CWE-89
7.5
7.5
2020-03-05 CVE-2019-17646 Information Exposure vulnerability in Centreon
An issue was discovered in Centreon before 18.10.8, 19.04.5, and 19.10.2.
network
low complexity
centreon CWE-200
5.0
5.0
2020-03-05 CVE-2019-17645 Information Exposure vulnerability in Centreon
An issue was discovered in Centreon before 2.8.31, 18.10.9, 19.04.6, and 19.10.3.
network
low complexity
centreon CWE-200
5.0
5.0
2020-03-05 CVE-2019-17642 Cross-Site Request Forgery (CSRF) vulnerability in Centreon
An issue was discovered in Centreon before 18.10.8, 19.10.1, and 19.04.2.
network
centreon CWE-352
6.8
6.8
2020-03-04 CVE-2019-17644 Information Exposure vulnerability in Centreon
An issue was discovered in Centreon before 2.8-30, 18.10-8, 19.04-5, and 19.10-2..
network
low complexity
centreon CWE-200
5.0
5.0
2020-03-04 CVE-2019-17643 Information Exposure vulnerability in Centreon
An issue was discovered in Centreon before 2.8-30,18.10-8, 19.04-5, and 19.10-2.
network
low complexity
centreon CWE-200
5.0
5.0