CVE-2024-45754

HIGH

7.2

Descricao

An issue was discovered in the centreon-bi-server component in Centreon BI Server 24.04.x before 24.04.3, 23.10.x before 23.10.8, 23.04.x before 23.04.11, and 22.10.x before 22.10.11. SQL injection can occur in the listing of configured reporting jobs. Exploitation is only accessible to authenticated users with high-privileged access.

Detalhes CVE

Pontuacao CVSS v3.17.2

SeveridadeHIGH

Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Vetor de ataqueNETWORK

ComplexidadeLOW

Privilegios necessariosHIGH

Interacao do usuarioNONE

Publicado10/11/2024

Ultima modificacao10/15/2024

Fontenvd

Avistamentos honeypot0

Fraquezas (CWE)

CWE-89

Referencias

https://github.com/centreon/centreon/releases(cve@mitre.org)

https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-45754-centreon-mbi-high-severity-3888(cve@mitre.org)

https://www.algosecure.fr/actualites/blog(cve@mitre.org)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.