PT-2019-14663 · Centreon · Centreon Web
Published
2019-11-21
·
Updated
2020-03-06
·
CVE-2019-16406
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Centreon Web version 19.04.4
Description
The issue is related to weak permissions within the OVA and OVF files of Centreon Web, allowing attackers to gain privileges. This can be achieved by exploiting a Trojan horse
Centreon-autodisco executable file launched by cron.Recommendations
For Centreon Web version 19.04.4, update the permissions within the OVA and OVF files to prevent unauthorized access and consider removing or restricting the
Centreon-autodisco executable file to minimize the risk of exploitation.Exploit
Fix
Incorrect Permission
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Centreon Web