Centreon 2.3.3 through 2.3.9-4 blind sqli injection vulnerability.

2012-12-1200:00:00

www.kb.cert.org

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

48.2%

JSON

Overview

Centreon 2.3.3 through 2.3.9-4 contains a blind sql injection vulnerability.

Description

CWE-89: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)

Centreon 2.3.3 through 2.3.9-4 contains a blind sql injection vulnerability. The vulnerability is found within the menuXML.php file inside the ‘menu’ parameter. It was reported that by injecting a payload after the menu parameter, for example ’ AND SLEEP(5) AND 'meHL'='meHL, the web application hung for 5 seconds.

Impact

A remote authenticated attacker may be able to run a subset of SQL commands against the back-end database.

Solution

Update

The vendor has stated that this vulnerability has been addressed in Centreon 2.4.0. Users are advised to update to Centreon 2.4.0 or newer.

Restrict access

As a general good security practice, only allow connections from trusted hosts and networks. Note that restricting access does not prevent SQLi attacks since the attack comes as an SQL request from a legitimate user’s host. Restricting access would prevent an attacker from accessing a web interface using stolen credentials from a blocked network location.