PT-2019-14663 · Centreon · Centreon Web

Publicado

2019-11-21

Atualizado

2020-03-06

CVE-2019-16406

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Centreon Web version 19.04.4

Description The issue is related to weak permissions within the OVA and OVF files of Centreon Web, allowing attackers to gain privileges. This can be achieved by exploiting a Trojan horse Centreon-autodisco executable file launched by cron.

Recommendations For Centreon Web version 19.04.4, update the permissions within the OVA and OVF files to prevent unauthorized access and consider removing or restricting the Centreon-autodisco executable file to minimize the risk of exploitation.

Exploit

Correção

Incorrect Permission

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-732

Identificadores relacionados

CVE-2019-16406

Produtos afetados

Centreon Web

PT-2019-14663 · Centreon · Centreon Web

CVE-2019-16406

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 10