CVE-2024-32501

CRITICAL

9.8

Description

A SQL Injection vulnerability exists in the updateServiceHost functionality in Centreon Web 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23.

Details CVE

Score CVSS v3.19.8

SeveriteCRITICAL

Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vecteur d'attaqueNETWORK

ComplexiteLOW

Privileges requisNONE

Interaction utilisateurNONE

Publie8/23/2024

Derniere modification5/9/2025

Sourcenvd

Observations honeypot0

Produits affectes

centreon:centreon_web

Faiblesses (CWE)

CWE-89

References

https://centreon.com(cve@mitre.org)

https://thewatch.centreon.com/latest-security-bulletins-64/security-bulletin-for-centreon-web-3744(cve@mitre.org)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.