Centreon Web
Moderate fix4 remedies
cpe:2.3:a:centreon:centreon_web:*:*:*:*:*:*:*
Moderate fix4 remedies
- >= 24.10.0, < 24.10.3
- >= 24.04.0, < 24.04.9
- >= 23.10.0, < 23.10.19
- >= 23.04.0, < 23.04.24
Centreon Web SQL Injection Vulnerability in Media Upload Feature
Vulnerability
Patched
A SQL injection vulnerability has been identified in Centreon Web versions 24.10.x prior to 24.10.3, 24.04.x prior to 24.04.9, 23.10.x prior to 23.10.19, and 23.04.x prior to 23.04.24. This vulnerability allows high-privilege users to inject malicious SQL through the media upload form, potentially leading to unauthorized data manipulation or access.
Impact
Exploitation of this vulnerability allows for SQL injection, where an attacker can manipulate database queries. This could lead to unauthorized data access, data manipulation, or in some cases, executing administrative operations on the database.
Remediation
Users are advised to update to Centreon Web versions 24.10.3, 24.04.9, 23.10.19, or 23.04.24, all of which include cumulative fixes from prior updates.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
Vulnerability Rating
Custom Algorithm
spread
3.1impact
7.5exploitability
4.8remediation
7.7relevance
0.0threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.