PT-2022-23253 · Centreon · Centreon

Saitamang +2

Published 2022-08-29 · Updated 2022-09-01

CVE-2022-36194

CVSS v3.1: 5.4 (Medium)
Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: Centreon version 22.04.0
Description: Centreon version 22.04.0 is vulnerable to Cross-Site Scripting (XSS) in the Pollers > Broker Configuration function, served at /centreon/main.get.php?p=60909. An authenticated user with access to that page clicks "Add" and enters a crafted payload in the "Name" field; the name parameter is saved with the configuration without adequate sanitisation or output encoding, so the script executes in the browser of a user who views the affected configuration. The CVSS vector reflects this: low-privilege authenticated access is required (PR:L), a victim has to view the page (UI:R), and the impact lands in the victim's browser session rather than on the Centreon server itself (S:C, C:L/I:L). No estimate of the number of affected installations and no reports of real-world exploitation are given.
Recommendations: At the time of writing there is no information about a Centreon release that fixes this issue, so the measures below are mitigations rather than a fix. Limit who can reach Pollers > Broker Configuration (the p=60909 page of /centreon/main.get.php) to the administrators who need it, for example through Centreon's ACL menu access rules, since exploitation requires an authenticated account with access to that page. Audit the existing broker configuration names for HTML or script markup and remove any entry that was not created by an administrator; a stored payload keeps executing for every viewer until it is deleted. Do not allow untrusted input to reach the name parameter, and if you maintain the code, HTML-entity encode the name wherever it is rendered (attribute and text context) and reject names containing markup characters on input. Disabling the Broker Configuration function entirely until a patch is available is a last resort, because it is needed to manage pollers.
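As an added example that is not part of the original advisory or Centreon's own code, the Python script below shows the two checks a practitioner would want after reading the description and recommendations above: an audit of stored broker configuration names for the kind of markup the advisory describes, and a side-by-side of the vulnerable pattern (name concatenated into the page verbatim) and the hardened pattern (HTML-entity encoding in both attribute and text context), measured with a parser the way a browser would see the fragment. The sample names are constructed, and the `cfg_centreonbroker.config_name` column named in the module docstring is an assumption about the Centreon schema that must be verified locally.

```python
"""Audit Centreon Broker configuration names for XSS payloads and show the
output encoding that neutralises them.

Added example for this advisory; not Centreon code. SAMPLE_NAMES is a
constructed list standing in for the names you would pull from the database
(assumed column: cfg_centreonbroker.config_name; verify against your schema).
"""
import html
import re
from html.parser import HTMLParser

# Constructed sample: two legitimate names and two carrying the kind of
# payload the advisory describes, entered through the "Name" field.
SAMPLE_NAMES = [
    "central-broker-master",
    "central-rrd-master",
    "<script>alert(document.cookie)</script>",
    'poller01" onmouseover="alert(1)',
]

# A legitimate broker name never needs tag brackets, quotes, an on*= handler
# or a javascript: URL; any of these marks the entry for review.
SUSPICIOUS = re.compile(r'[<>"\']|\bon\w+\s*=|javascript:', re.IGNORECASE)


def find_suspicious_names(names):
    """Return the subset of names that contain HTML/JS metacharacters."""
    return [n for n in names if SUSPICIOUS.search(n)]


def render_unsafe(name):
    """Vulnerable pattern: the stored name is concatenated into the page."""
    return f'<td class="name" title="{name}">{name}</td>'


def render_safe(name):
    """Hardened pattern: entity-encode for attribute and text context."""
    safe = html.escape(name, quote=True)   # escapes < > & " '
    return f'<td class="name" title="{safe}">{safe}</td>'


class _MarkupCounter(HTMLParser):
    """Count tags and on* event-handler attributes in a rendered fragment."""

    def __init__(self):
        super().__init__()
        self.tags = 0
        self.handlers = 0

    def handle_starttag(self, tag, attrs):
        self.tags += 1
        self.handlers += sum(1 for k, _ in attrs if k.lower().startswith("on"))


def count_active_markup(fragment):
    """Return (tag_count, handler_count) as an HTML parser sees the fragment.

    Exactly one tag (the <td>) and no handlers means the name was rendered
    as inert text; anything more means the name became live markup.
    """
    p = _MarkupCounter()
    p.feed(fragment)
    p.close()
    return p.tags, p.handlers


if __name__ == "__main__":
    for n in find_suspicious_names(SAMPLE_NAMES):
        print("suspicious name:", repr(n))
        print("  verbatim :", count_active_markup(render_unsafe(n)))
        print("  encoded  :", count_active_markup(render_safe(n)))
```

Run against the real table by replacing SAMPLE_NAMES with the names from your database; any hit from find_suspicious_names is a configuration entry to inspect and remove, because a stored payload persists until it is deleted. The parser check is what makes the encoding point concrete: the same payload that produces a second tag or an event handler when rendered verbatim yields only the single td when entity-encoded.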

Exploit: XSS

Weakness Enumeration: none listed

Related Identifiers: CVE-2022-36194

Affected Products: Centreon