CVE-2024-39841

HIGH

Centreon Web 22.10.0-22.10.22 - SQL Injection in Service Configuration

Title source: llm
STIX 2.1

Description

A SQL Injection vulnerability exists in the service configuration functionality in Centreon Web 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23.

Scores

CVSS v3 8.8
EPSS 0.0113
EPSS Percentile 62.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-89
Status published
Products (1)
centreon/centreon_web 22.10.0 - 22.10.23
Published Aug 23, 2024
Tracked Since Feb 18, 2026