Описание
Centreon Web 19.04.4 has weak permissions within the OVA (aka VMware virtual machine) and OVF (aka VirtualBox virtual machine) files, allowing attackers to gain privileges via a Trojan horse Centreon-autodisco executable file that is launched by cron.
Centreon Web 19.04.4 has weak permissions within the OVA (aka VMware virtual machine) and OVF (aka VirtualBox virtual machine) files, allowing attackers to gain privileges via a Trojan horse Centreon-autodisco executable file that is launched by cron.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-16406
- https://github.com/centreon/centreon/pull/8062
- https://documentation.centreon.com/docs/centreon-auto-discovery/en/latest/release_notes/18.10/centreon-auto-discovery-18.10.8.html
- https://documentation.centreon.com/docs/centreon-auto-discovery/en/latest/release_notes/19.04/centreon-auto-discovery-19.04.2.html
- https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-18.10.html#centreon-web-18-10-10
- https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.04.html#centreon-web-19-04-8
- https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8.html#centreon-web-2-8-31
- https://thecybergeek.co.uk/cves/2019/09/19/CVEs.html
- https://www.centreon.com
EPSS
CVE ID
Связанные уязвимости
Centreon Web 19.04.4 has weak permissions within the OVA (aka VMware virtual machine) and OVF (aka VirtualBox virtual machine) files, allowing attackers to gain privileges via a Trojan horse Centreon-autodisco executable file that is launched by cron.
EPSS