CVE-2018-11589
N/A
N/A
Summary
Multiple SQL injection vulnerabilities in Centreon 3.4.6 including Centreon Web 2.8.23 allow attacks via the searchU parameter in viewLogs.php, the id parameter in GetXmlHost.php, the chartId parameter in ExportCSVServiceData.php, the searchCurve parameter in listComponentTemplates.php, or the host_id parameter in makeXML_ListMetrics.php.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/centreon/centreon/pull/6250
- https://github.com/centreon/centreon/pull/6257
- https://github.com/centreon/centreon/pull/6251
- https://github.com/centreon/centreon/pull/6256
- https://github.com/centreon/centreon/releases
- https://github.com/centreon/centreon/pull/6255
- https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8/centreon-2.8.24.html
References
- https://github.com/centreon/centreon/pull/6250
- https://github.com/centreon/centreon/pull/6257
- https://github.com/centreon/centreon/pull/6251
- https://github.com/centreon/centreon/pull/6256
- https://github.com/centreon/centreon/releases
- https://github.com/centreon/centreon/pull/6255
- https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8/centreon-2.8.24.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.