CyberSec.Space Logo
Back to CVE Browser

CVE-2018-21025

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1730%
EPSS Percentile44.32th
PublishedOct 8, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

In Centreon VM through 19.04.3, centreon-backup.pl allows attackers to become root via a crafted script, due to incorrect rights of sourced configuration files.

Affected Platforms (CPE)

πŸ“¦
Centreon

Centreon Vm

<= 19.04.3

References & Advisories

πŸ”— http://www.openwall.com/lists/oss-security/2019/10/09/2
πŸ”— https://github.com/centreon/centreon/issues/7082
πŸ”— https://www.openwall.com/lists/oss-security/2019/10/08/1
πŸ”— http://www.openwall.com/lists/oss-security/2019/10/09/2
πŸ”— https://github.com/centreon/centreon/issues/7082
πŸ”— https://www.openwall.com/lists/oss-security/2019/10/08/1

Related Vulnerabilities

CVE-2014-382810.0

Multiple SQL injection vulnerabilities in Centreon 2.5.1 and Centreon Enterprise Server 2.2 (fixed in Centreon web 2.5.3) allow re...

CVE-2014-382910.0

displayServiceStatus.php in Centreon 2.5.1 and Centreon Enterprise Server 2.2 (fixed in Centreon web 2.5.3) allows remote attacker...

CVE-2009-436810.0

Multiple unspecified vulnerabilities in Centreon before 2.1.4 have unknown impact and attack vectors in the (1) ping tool, (2) tra...

CVE-2018-115899.8

Multiple SQL injection vulnerabilities in Centreon 3.4.6 including Centreon Web 2.8.23 allow attacks via the searchU parameter in ...