centreon/centreon is vulnerable to authentication bypass. Changing a password on a profile page by a valid user causes the contact_autologin_key value
in database filed to be blank instead of NULL
, allowing to partially bypass the authentication.
CPE | Name | Operator | Version |
---|---|---|---|
centreon/centreon | le | 19.10.1 | |
centreon/centreon | le | 18.10.11 | |
centreon/centreon | le | 2.99.5 | |
centreon/centreon | le | 19.04.4 |