Known Vulnerabilities for products from Centreon
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Centreon".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-42429 json | This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is re... | 8.8 - HIGH | 2023-03-29 | 2023-04-05 |
| CVE-2022-42428 json | This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is re... | 8.8 - HIGH | 2023-03-29 | 2023-04-07 |
| CVE-2022-42427 json | This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is re... | 8.8 - HIGH | 2023-03-29 | 2023-04-06 |
| CVE-2022-42426 json | This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is re... | 8.8 - HIGH | 2023-03-29 | 2023-04-06 |
| CVE-2022-42425 json | This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is re... | 8.8 - HIGH | 2023-03-29 | 2023-04-06 |
| CVE-2022-42424 json | This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is re... | 8.8 - HIGH | 2023-03-29 | 2023-04-06 |
| CVE-2022-41142 json | This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is re... | 8.8 - HIGH | 2023-01-26 | 2023-02-03 |
| CVE-2022-40044 json | Centreon v20.10.18 was discovered to contain a cross-site scripting (XSS) vulnerability via the esc_name (Escalation Name) pa... | 5.4 - MEDIUM | 2022-09-26 | 2022-09-28 |
| CVE-2022-40043 json | Centreon v20.10.18 was discovered to contain a SQL injection vulnerability via the esc_name (Escalation Name) parameter at Co... | 8.8 - HIGH | 2022-09-26 | 2022-09-28 |
| CVE-2022-39988 json | A cross-site scripting (XSS) vulnerability in Centreon 22.04.0 allows attackers to execute arbitrary web script or HTML via a... | 5.4 - MEDIUM | 2022-10-06 | 2022-10-06 |
| CVE-2022-36194 json | Centreon 22.04.0 is vulnerable to Cross Site Scripting (XSS) from the function Pollers > Broker Configuration by adding a cra... | 5.4 - MEDIUM | 2022-08-29 | 2022-09-01 |
| CVE-2022-34872 json | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Centreon. Authentic... | 6.5 - MEDIUM | 2022-08-03 | 2022-08-09 |
| CVE-2022-34871 json | This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is re... | 7.2 - HIGH | 2022-08-03 | 2022-08-09 |
| CVE-2022-3827 json | A vulnerability was found in centreon. It has been declared as critical. This vulnerability affects unknown code of the file ... | 9.8 - CRITICAL | 2022-11-02 | 2023-11-07 |
| CVE-2021-37558 json | A SQL injection vulnerability in a MediaWiki script in Centreon before 20.04.14, 20.10.8, and 21.04.2 allows remote unauthent... | 9.8 - CRITICAL | 2021-08-03 | 2021-08-10 |
| CVE-2021-37557 json | A SQL injection vulnerability in image generation in Centreon before 20.04.14, 20.10.8, and 21.04.2 allows remote authenticat... | 8.8 - HIGH | 2021-08-03 | 2021-08-10 |
| CVE-2021-37556 json | A SQL injection vulnerability in reporting export in Centreon before 20.04.14, 20.10.8, and 21.04.2 allows remote authenticat... | 8.8 - HIGH | 2021-08-03 | 2021-08-10 |
| CVE-2021-28055 json | An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. The anti-CSRF token generation is predictable, which mi... | 6.5 - MEDIUM | 2021-04-15 | 2022-06-28 |
| CVE-2021-28054 json | An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. A Stored Cross-Site Scripting (XSS) issue in "Configura... | 5.4 - MEDIUM | 2021-07-16 | 2021-08-04 |
| CVE-2021-28053 json | An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. A SQL injection vulnerability in "Configuration > Users... | 8.8 - HIGH | 2021-07-16 | 2021-08-02 |
Known software with vulnerabilities from Centreon
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Centreon | Centreon | - |
| Application | Centreon | Centreon Host-monitoring Widget | 1.6.4 |
| Application | Centreon | Centreon Service-monitoring Widget | 1.6.4 |
| Application | Centreon | Centreon Tactical-overview Widget | 1.0.3 |
| Application | Centreon | Centreon Vm | 19.04.2 |
| Application | Centreon | Centreon Web | 18.10.0 |
| Application | Centreon | Widget-host-monitoring | 1.4.0 |