CVE-2022-3827
Summary
| CVE | CVE-2022-3827 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-11-02 13:15:00 UTC |
| Updated | 2023-11-07 03:51:00 UTC |
| Description | A vulnerability was found in centreon. It has been declared as critical. This vulnerability affects unknown code of the file formContactGroup.php of the component Contact Groups Form. The manipulation of the argument cg_id leads to sql injection. The attack can be initiated remotely. The name of the patch is 293b10628f7d9f83c6c82c78cf637cbe9b907369. It is recommended to apply a patch to fix this issue. VDB-212794 is the identifier assigned to this vulnerability. |
Risk And Classification
Problem Types: CWE-707
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| FIX: SQLi in contact groups form by hyahiaoui-ext · Pull Request #11869 · centreon/centreon · GitHub | MISC | github.com | |
| FIX: SQLi in contact groups form (#11869) · centreon/centreon@293b106 · GitHub | MISC | github.com | |
| CVE-2022-3827 | centreon Contact Groups Form formContactGroup.php sql injection (ID 11869) | MISC | vuldb.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.