Lucene search

GoogleOSV:GHSA-4F26-V6FR-9HMP

HistoryJul 28, 2021 - 5:52 p.m.

Improper Input Validation in Centreon Web

2021-07-2817:52:45

Google

osv.dev

centreon web

input validation

remote code execution

macro expression

administrator

software

EPSS

0.012

Percentile

85.3%

Centreon Web 19.04.4 allows Remote Code Execution by an administrator who can modify Macro Expression location settings.

References

packetstormsecurity.com/files/155999/Centreon-19.04-Remote-Code-Execution.html

documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-18.10.html

documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.04.html

documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.10.html

documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8.html

github.com/centreon/centreon

github.com/centreon/centreon/pull/7864

github.com/centreon/centreon/pull/7884

github.com/centreon/centreon/releases/tag/19.04.5

github.com/TheCyberGeek/CVE-2019-16405.rb

nvd.nist.gov/vuln/detail/CVE-2019-16405

thecybergeek.co.uk/cves/2019/09/17/CVE-2019-16405-06.html

thecybergeek.co.uk/cves/2019/09/19/CVEs.html

EPSS

0.012

Percentile

85.3%

Related for OSV:GHSA-4F26-V6FR-9HMP