Vulnerability Description
An issue was discovered in Centreon before 18.10.8, 19.10.1, and 19.04.2. It allows CSRF with resultant remote command execution via shell metacharacters in a POST to centreon-autodiscovery-server/views/scan/ajax/call.php in the Autodiscovery plugin.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Centreon | Centreon | >= 18.0.0, < 18.10.8 |
Related Weaknesses (CWE)
References
- https://documentation.centreon.com/docs/centreon-auto-discovery/en/latest/releasRelease NotesVendor Advisory
- https://documentation.centreon.com/docs/centreon-auto-discovery/en/latest/releasRelease NotesVendor Advisory
- https://documentation.centreon.com/docs/centreon-auto-discovery/en/latest/releasRelease NotesVendor Advisory
- https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreoRelease NotesVendor Advisory
- https://documentation.centreon.com/docs/centreon-auto-discovery/en/latest/releasRelease NotesVendor Advisory
- https://documentation.centreon.com/docs/centreon-auto-discovery/en/latest/releasRelease NotesVendor Advisory
- https://documentation.centreon.com/docs/centreon-auto-discovery/en/latest/releasRelease NotesVendor Advisory
- https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreoRelease NotesVendor Advisory
FAQ
What is CVE-2019-17642?
CVE-2019-17642 is a vulnerability with a CVSS score of 8.8 (HIGH). An issue was discovered in Centreon before 18.10.8, 19.10.1, and 19.04.2. It allows CSRF with resultant remote command execution via shell metacharacters in a POST to centreon-autodiscovery-server/vie...
How severe is CVE-2019-17642?
CVE-2019-17642 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-17642?
Check the references section above for vendor advisories and patch information. Affected products include: Centreon Centreon.