Centreon: >> Centreon >> 19.04.2 Security Vulnerabilities
An issue was discovered in Centreon before 2.8-30, 18.10-8, 19.04-5, and 19.10-2.. It provides sensitive information via an unauthenticated direct request for include/configuration/configObject/host/refreshMacroAjax.php.
CVSS Score
7.5
EPSS Score
0.001
Published
2020-03-04
Insecure permissions in cwrapper_perl in Centreon Infrastructure Monitoring Software through 19.10 allow local attackers to gain privileges. (cwrapper_perl is a setuid executable allowing execution of Perl scripts with root privileges.)
CVSS Score
7.8
EPSS Score
0.001
Published
2020-01-16
Centreon before 2.8.30, 18.x before 18.10.8, and 19.x before 19.04.5 allows XSS via myAccount alias and name fields.
CVSS Score
6.1
EPSS Score
0.001
Published
2019-11-26
Page 3