centreon/centreon is vulnerable to information disclosure. The GetXMLHost4Services.php
is accessible without authentication, revealing confidential information such as system information.
CPE | Name | Operator | Version |
---|---|---|---|
centreon/centreon | le | 19.10.1 | |
centreon/centreon | le | 19.04.4 | |
centreon/centreon | le | 18.10.7 |
documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-18.10.html#centreon-web-18-10-8
documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.04.html#centreon-web-19-04-5
documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.10.html#centreon-web-19-10-2
documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8.html#centreon-web-2-8-30
github.com/centreon/centreon/pull/8022
github.com/centreon/centreon/releases/tag/18.10.8