CVE-2024-45755
HIGHCentreon centreon-dsm-server <24.10.0, <24.04.3, <23.10.1, <23.04.3...
Title source: llmDescription
An issue was discovered in Centreon centreon-dsm-server 24.10.x before 24.10.0, 24.04.x before 24.04.3, 23.10.x before 23.10.1, 23.04.x before 23.04.3, and 22.10.x before 22.10.2. SQL injection can occur in the form to configure Centreon DSM slots. Exploitation is only accessible to authenticated users with high-privileged access.
References (2)
Core 2
Core References
Various Sources
https://github.com/centreon/centreon/releases
Scores
CVSS v3
7.2
EPSS
0.0048
EPSS Percentile
38.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-89
Status
published
Published
Nov 25, 2024
Tracked Since
Feb 18, 2026