Centreon Web@18.10.0 Security Vulnerabilities and Issues — Centreon Web@18.10.0 CVE List

Lucene search

CentreonCentreon Web18.10.0

6 matches found

CVE•added 2019/11/21 6:15 p.m.•77 views

CVE-2019-16405

Centreon Web before 2.8.30, 18.10.x before 18.10.8, 19.04.x before 19.04.5 and 19.10.x before 19.10.2 allows Remote Code Execution by an administrator who can modify Macro Expression location settings. CVE-2019-16405 and CVE-2019-17501 are similar to one another and may be the same.

9CVSS7.2AI score0.08968EPSS

CVE•added 2019/10/08 1:15 p.m.•56 views

CVE-2019-17107

minPlayCommand.php in Centreon Web before 2.8.27 allows authenticated attackers to execute arbitrary code via the command_hostaddress parameter. NOTE: some sources have listed CVE-2019-17017 for this, but that is incorrect.

8.8CVSS8.9AI score0.01694EPSS

CVE•added 2019/10/08 1:15 p.m.•44 views

CVE-2019-17108

Local file inclusion in brokerPerformance.php in Centreon Web before 2.8.28 allows attackers to disclose information or perform a stored XSS attack on a user.

6.1CVSS5.8AI score0.00091EPSS

CVE•added 2019/11/27 2:15 p.m.•42 views

CVE-2019-15298

A problem was found in Centreon Web through 19.04.3. An authenticated command injection is present in the page include/configuration/configObject/traps-mibs/formMibs.php. This page is called from the Centreon administration interface. This is the mibs management feature that contains a file filing ...

8.8CVSS8.8AI score0.08911EPSS

Web

CVE•added 2019/10/08 1:15 p.m.•33 views

CVE-2018-21023

getStats.php in Centreon Web before 2.8.28 allows authenticated attackers to execute arbitrary code via the ns_id parameter.

8.8CVSS8.8AI score0.01728EPSS

CVE•added 2019/10/08 3:15 p.m.•25 views

CVE-2019-17105

The token generator in index.php in Centreon Web before 2.8.27 is predictable.

5.3CVSS5.3AI score0.0006EPSS