Centreon is vulnerable to Privilege Escalation. The vulnerability lies in the configuration of poller resources, where user-supplies strings are not properly validated before being used to construct SQL queries. An authenticated attacker can exploit this vulnerability to escalate privileges to an administrator.
docs.centreon.com/docs/21.10/releases/centreon-core/
github.com/centreon/centreon/commit/2d7f69a9a050e86a29d377ca9a95d77dd885369d
github.com/centreon/centreon/commit/51ca164a620e2eb697854fe006fc70705d6f6a55
github.com/centreon/centreon/commit/ae3f331bb39726a690136b5680bf7af1f379d78d
github.com/centreon/centreon/pull/11213
www.zerodayinitiative.com/advisories/ZDI-22-953/