Veracode Vulnerability DatabaseVERACODE:22443Authorization Bypass
0.003 Low
EPSS
Percentile
70.4%
centreon/centreon is vulnerable to authorization bypass. The call of services macros can be performed without a valid session.
| CPE | Name | Operator | Version |
|---|---|---|---|
| centreon/centreon | eq | 2.7.3 | |
| centreon/centreon | le | 18.10.8 | |
| centreon/centreon | le | 19.10.2 | |
| centreon/centreon | le | 19.04.5 |
References
documentation-fr.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.10.html
documentation-fr.centreon.com/docs/centreon/fr/18.10/release_notes/centreon-18.10/centreon-18.10.9.html
documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-18.10.html#centreon-web-18-10-8
documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.04.html#centreon-web-19-04-5
documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.10.html#centreon-web-19-10-2
documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.10/index.html
documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8.html
documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8.html#centreon-web-2-8-30
github.com/centreon/centreon/pull/8034
github.com/centreon/centreon/pull/8035
github.com/centreon/centreon/pull/8036
Related
