CVE-2024-33854

CRITICAL

Centreon Web 22.10.0-22.10.22 - SQL Injection in Graph Template Component

Title source: llm
STIX 2.1

Description

A SQL Injection vulnerability exists in the Graph Template component in Centreon Web 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23.

Scores

CVSS v3 9.1
EPSS 0.0049
EPSS Percentile 38.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-89
Status published
Products (1)
centreon/centreon_web 22.10.0 - 22.10.23
Published Aug 23, 2024
Tracked Since Feb 18, 2026