A SQL injection vulnerability in Centreon 24.04.2 allows a remote high-privileged attacker to execute arbitrary SQL command via user massive changes inputs.
Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Mon, 28 Apr 2025 17:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:centreon:centreon:24.04.2:-:*:*:*:*:*:*

Mon, 23 Sep 2024 19:30:00 +0000

Type Values Removed Values Added
First Time appeared Centreon
Centreon centreon
Weaknesses CWE-89
CPEs cpe:2.3:a:centreon:centreon:*:*:*:*:*:*:*:*
Vendors & Products Centreon
Centreon centreon
Metrics cvssV3_1

{'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 23 Sep 2024 18:45:00 +0000

Type Values Removed Values Added
Description A SQL injection vulnerability in Centreon 24.04.2 allows a remote high-privileged attacker to execute arbitrary SQL command via user massive changes inputs.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-09-23T18:58:21.141Z

Reserved: 2024-06-29T00:00:00

Link: CVE-2024-39842

cve-icon Vulnrichment

Updated: 2024-09-23T18:56:21.759Z

cve-icon NVD

Status : Analyzed

Published: 2024-09-23T19:15:13.437

Modified: 2025-04-28T17:12:16.417

Link: CVE-2024-39842

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.