SQL Injection Vulnerability Affects Centreon Web 24.04.x
CVE-2024-39841

8.8HIGH

Key Information:

Vendor: Centreon
Status: Centreon Web
Vendor: CVE Published:; 23 August 2024

What is CVE-2024-39841?

A vulnerability has been identified in the service configuration functionality of Centreon Web that allows for SQL Injection attacks. This issue impacts several versions of the software, potentially enabling unauthorized access to the database and manipulation of sensitive data. Users are strongly encouraged to upgrade to the latest versions to mitigate this security risk.

References

https://github.com/centreon/centreon/releases

https://thewatch.centreon.com/latest-security-bulletins-6...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 23, 2024
Vulnerability Reserved
Jun 29, 2024

CVE-2024-39841 Data

JSON