Описание
An issue was discovered in Centreon before 2.8.31, 18.10.9, 19.04.6, and 19.10.3. It provides sensitive information via an unauthenticated direct request for include/configuration/configObject/service/refreshMacroAjax.php.
Ссылки
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Third Party Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.8.31 (исключая)Версия от 18.0.0 (включая) до 18.10.9 (исключая)Версия от 19.04.0 (включая) до 19.04.6 (исключая)Версия от 19.10.0 (включая) до 19.10.3 (исключая)
Одно из
cpe:2.3:a:centreon:centreon:*:*:*:*:*:*:*:*
cpe:2.3:a:centreon:centreon:*:*:*:*:*:*:*:*
cpe:2.3:a:centreon:centreon:*:*:*:*:*:*:*:*
cpe:2.3:a:centreon:centreon:*:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.0007
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-425
Связанные уязвимости
github
больше 3 лет назад
An issue was discovered in Centreon before 2.8.31, 18.10.9, 19.04.6, and 19.10.3. It provides sensitive information via an unauthenticated direct request for include/configuration/configObject/service/refreshMacroAjax.php.
EPSS
Процентиль: 21%
0.0007
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-425