Описание
Insecure Permissions in Centreon Web versions 19.10.18, 20.04.8, and 20.10.2 allows remote attackers to bypass validation by changing any file extension to ".gif", then uploading it in the "Administration/ Parameters/ Images" section of the application.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:centreon:centreon_web:19.10.18:*:*:*:*:*:*:*
cpe:2.3:a:centreon:centreon_web:20.04.8:*:*:*:*:*:*:*
cpe:2.3:a:centreon:centreon_web:20.10.2:*:*:*:*:*:*:*
EPSS
Процентиль: 50%
0.00269
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-276
Связанные уязвимости
github
больше 3 лет назад
Insecure Permissions in Centreon Web versions 19.10.18, 20.04.8, and 20.10.2 allows remote attackers to bypass validation by changing any file extension to ".gif", then uploading it in the "Administration/ Parameters/ Images" section of the application.
EPSS
Процентиль: 50%
0.00269
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-276