CVE-2019-19486

Name of the Vulnerable Software and Affected Versions Centreon versions 19.04.4 and below

Description The issue allows an attacker to achieve command injection via a plugin test in the minPlayCommand.php file. This can also be exploited for Local File Inclusion, enabling an attacker to traverse paths.

Recommendations For Centreon versions 19.04.4 and below, update to a version above 19.04.4 to resolve the issue. As a temporary workaround, consider restricting access to the minPlayCommand.php file until a patch is available. Avoid using the plugin test feature in the affected versions until the issue is resolved.