Vulnerability Details CVE-2024-55573
An issue was discovered in Centreon centreon-web 24.10.x before 24.10.3, 24.04.x before 24.04.9, 23.10.x before 23.10.19, 23.04.x before 23.04.24. A user with high privileges is able to inject SQL into the form used to create virtual metrics.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.5%
CVSS Severity
CVSS v3 Score 9.1
References
Products affected by CVE-2024-55573
-
cpe:2.3:a:centreon:centreon_web:23.04.0
-
cpe:2.3:a:centreon:centreon_web:23.04.1
-
cpe:2.3:a:centreon:centreon_web:23.04.10
-
cpe:2.3:a:centreon:centreon_web:23.04.11
-
cpe:2.3:a:centreon:centreon_web:23.04.12
-
cpe:2.3:a:centreon:centreon_web:23.04.13
-
cpe:2.3:a:centreon:centreon_web:23.04.14
-
cpe:2.3:a:centreon:centreon_web:23.04.15
-
cpe:2.3:a:centreon:centreon_web:23.04.16
-
cpe:2.3:a:centreon:centreon_web:23.04.19
-
cpe:2.3:a:centreon:centreon_web:23.04.2
-
cpe:2.3:a:centreon:centreon_web:23.04.20
-
cpe:2.3:a:centreon:centreon_web:23.04.21
-
cpe:2.3:a:centreon:centreon_web:23.04.22
-
cpe:2.3:a:centreon:centreon_web:23.04.23
-
cpe:2.3:a:centreon:centreon_web:23.04.3
-
cpe:2.3:a:centreon:centreon_web:23.04.4
-
cpe:2.3:a:centreon:centreon_web:23.04.5
-
cpe:2.3:a:centreon:centreon_web:23.04.6
-
cpe:2.3:a:centreon:centreon_web:23.04.7
-
cpe:2.3:a:centreon:centreon_web:23.04.8
-
cpe:2.3:a:centreon:centreon_web:23.04.9
-
cpe:2.3:a:centreon:centreon_web:23.10.0
-
cpe:2.3:a:centreon:centreon_web:23.10.1
-
cpe:2.3:a:centreon:centreon_web:23.10.10
-
cpe:2.3:a:centreon:centreon_web:23.10.11
-
cpe:2.3:a:centreon:centreon_web:23.10.12
-
cpe:2.3:a:centreon:centreon_web:23.10.13
-
cpe:2.3:a:centreon:centreon_web:23.10.14
-
cpe:2.3:a:centreon:centreon_web:23.10.15
-
cpe:2.3:a:centreon:centreon_web:23.10.16
-
cpe:2.3:a:centreon:centreon_web:23.10.17
-
cpe:2.3:a:centreon:centreon_web:23.10.18
-
cpe:2.3:a:centreon:centreon_web:23.10.2
-
cpe:2.3:a:centreon:centreon_web:23.10.3
-
cpe:2.3:a:centreon:centreon_web:23.10.4
-
cpe:2.3:a:centreon:centreon_web:23.10.5
-
cpe:2.3:a:centreon:centreon_web:23.10.6
-
cpe:2.3:a:centreon:centreon_web:23.10.7
-
cpe:2.3:a:centreon:centreon_web:23.10.8
-
cpe:2.3:a:centreon:centreon_web:23.10.9
-
cpe:2.3:a:centreon:centreon_web:24.04.0
-
cpe:2.3:a:centreon:centreon_web:24.04.1
-
cpe:2.3:a:centreon:centreon_web:24.04.2
-
cpe:2.3:a:centreon:centreon_web:24.04.3
-
cpe:2.3:a:centreon:centreon_web:24.04.4
-
cpe:2.3:a:centreon:centreon_web:24.04.5
-
cpe:2.3:a:centreon:centreon_web:24.04.6
-
cpe:2.3:a:centreon:centreon_web:24.04.7
-
cpe:2.3:a:centreon:centreon_web:24.04.8
-
cpe:2.3:a:centreon:centreon_web:24.10.0
-
cpe:2.3:a:centreon:centreon_web:24.10.1
-
cpe:2.3:a:centreon:centreon_web:24.10.2