CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2018-11587

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0010%
EPSS Percentile26.06th
Published2018年6月25日
Last Modified2024年11月21日

Vulnerability Description

There is Remote Code Execution in Centreon 3.4.6 including Centreon Web 2.8.23 via the RPN value in the Virtual Metric form in centreonGraph.class.php.

Affected Platforms (CPE)

📦
Centreon

Centreon

= 3.4.6
📦
Centreon

Centreon Web

= 2.8.23

References & Advisories

🔗 https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8/centreon-2.8.24.html
🔗 https://github.com/centreon/centreon/pull/6263
🔗 https://github.com/centreon/centreon/releases
🔗 https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8/centreon-2.8.24.html
🔗 https://github.com/centreon/centreon/pull/6263
🔗 https://github.com/centreon/centreon/releases

相關漏洞威脅

CVE-2014-382810.0

Multiple SQL injection vulnerabilities in Centreon 2.5.1 and Centreon Enterprise Server 2.2 (fixed in Centreon web 2.5.3) allow re...

CVE-2014-382910.0

displayServiceStatus.php in Centreon 2.5.1 and Centreon Enterprise Server 2.2 (fixed in Centreon web 2.5.3) allows remote attacker...

CVE-2009-436810.0

Multiple unspecified vulnerabilities in Centreon before 2.1.4 have unknown impact and attack vectors in the (1) ping tool, (2) tra...

CVE-2018-210259.8

In Centreon VM through 19.04.3, centreon-backup.pl allows attackers to become root via a crafted script, due to incorrect rights o...