Description
Insecure permissions in cwrapper_perl in Centreon Infrastructure Monitoring Software through 19.10 allow local attackers to gain privileges. (cwrapper_perl is a setuid executable allowing execution of Perl scripts with root privileges.)
References (2)
Core 2
Core References
Product x_refsource_misc
https://www.centreon.com/en/
Broken Link, Third Party Advisory x_refsource_misc
https://gist.github.com/Diefunction/9237f46b8659a65ab08de8ec9c258139
Scores
CVSS v3
7.8
EPSS
0.0011
EPSS Percentile
29.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-732
Status
published
Products (1)
centreon/centreon
< 19.10
Published
Jan 16, 2020
Tracked Since
Feb 18, 2026