Local File Inclusion Vulnerability in Centreon Web by Centreon
CVE-2019-17108

6.1MEDIUM

Key Information:

Vendor

Centreon

Status
Centreon Web
Vendor
CVE Published:
8 October 2019

What is CVE-2019-17108?

A local file inclusion vulnerability has been identified in Centreon Web versions prior to 2.8.28, specifically located in the brokerPerformance.php file. Attackers can exploit this vulnerability to disclose sensitive information or execute a stored XSS attack, potentially compromising user data and system integrity.

References

https://github.com/centreon/centreon/pull/7101
x_refsource_MISC
https://www.openwall.com/lists/oss-security/2019/10/08/1
x_refsource_MISC
http://www.openwall.com/lists/oss-security/2019/10/09/2
mailing-listx_refsource_MLIST

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.