Vulnerabilities > Centreon > High

DATE CVE VULNERABILITY TITLE RISK
2020-03-05 CVE-2019-17645 Forced Browsing vulnerability in Centreon
An issue was discovered in Centreon before 2.8.31, 18.10.9, 19.04.6, and 19.10.3.
network
low complexity
centreon CWE-425
7.5
2020-03-05 CVE-2019-17642 OS Command Injection vulnerability in Centreon
An issue was discovered in Centreon before 18.10.8, 19.10.1, and 19.04.2.
network
low complexity
centreon CWE-78
8.8
2020-03-04 CVE-2019-17644 Forced Browsing vulnerability in Centreon
An issue was discovered in Centreon before 2.8-30, 18.10-8, 19.04-5, and 19.10-2..
network
low complexity
centreon CWE-425
7.5
2020-03-04 CVE-2019-17643 Forced Browsing vulnerability in Centreon
An issue was discovered in Centreon before 2.8-30,18.10-8, 19.04-5, and 19.10-2.
network
low complexity
centreon CWE-425
7.5
2020-02-28 CVE-2020-9463 OS Command Injection vulnerability in Centreon 19.10
Centreon 19.10 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the server_ip field in JSON data in an api/internal.php?object=centreon_configuration_remote request.
network
low complexity
centreon CWE-78
8.8
2020-02-24 CVE-2019-15299 Improper Authentication vulnerability in Centreon web
An issue was discovered in Centreon Web through 19.04.3.
network
low complexity
centreon CWE-287
8.8
2020-01-16 CVE-2019-20327 Incorrect Permission Assignment for Critical Resource vulnerability in Centreon
Insecure permissions in cwrapper_perl in Centreon Infrastructure Monitoring Software through 19.10 allow local attackers to gain privileges.
local
low complexity
centreon CWE-732
7.8
2019-11-27 CVE-2019-15300 SQL Injection vulnerability in Centreon web
A problem was found in Centreon Web through 19.04.3.
network
low complexity
centreon CWE-89
8.8
2019-11-27 CVE-2019-15298 OS Command Injection vulnerability in Centreon web
A problem was found in Centreon Web through 19.04.3.
network
low complexity
centreon CWE-78
8.8
2019-11-21 CVE-2019-16406 Incorrect Permission Assignment for Critical Resource vulnerability in Centreon web 19.04.4
Centreon Web 19.04.4 has weak permissions within the OVA (aka VMware virtual machine) and OVF (aka VirtualBox virtual machine) files, allowing attackers to gain privileges via a Trojan horse Centreon-autodisco executable file that is launched by cron.
local
low complexity
centreon CWE-732
7.8