centreon/centreon is vulnerable to authorization bypass. The call of services macros can be performed without a valid session.
CPE | Name | Operator | Version |
---|---|---|---|
centreon/centreon | eq | 2.7.3 | |
centreon/centreon | le | 18.10.8 | |
centreon/centreon | le | 19.10.2 | |
centreon/centreon | le | 19.04.5 |
documentation-fr.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.10.html
documentation-fr.centreon.com/docs/centreon/fr/18.10/release_notes/centreon-18.10/centreon-18.10.9.html
documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-18.10.html#centreon-web-18-10-8
documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.04.html#centreon-web-19-04-5
documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.10.html#centreon-web-19-10-2
documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.10/index.html
documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8.html
documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8.html#centreon-web-2-8-30
github.com/centreon/centreon/pull/8034
github.com/centreon/centreon/pull/8035
github.com/centreon/centreon/pull/8036