CVE-2009-4368

Multiple unspecified vulnerabilities in Centreon before 2.1.4 have unknown impact and attack vectors in the (1) ping tool, (2) traceroute tool, and (3) ldap import, possibly related to improper authentication.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.centreon.com/Development/changelog-2x.html
http://www.vupen.com/english/advisories/2009/3578	Patch Vendor Advisory
http://www.securityfocus.com/bid/37383
http://osvdb.org/61183
http://secunia.com/advisories/37808	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/54893

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:merethis:centreon:2.1.2:::::::*
	cpe:2.3:a:merethis:centreon:2.1.1:::::::*
	cpe:2.3:a:merethis:centreon:2.0.1:::::::*
	cpe:2.3:a:merethis:centreon::::::::
	cpe:2.3:a:merethis:centreon:2.0:b2::::::
	cpe:2.3:a:merethis:centreon:2.0.2:::::::*
	cpe:2.3:a:merethis:centreon:1.4.2.6:::::::*
	cpe:2.3:a:merethis:centreon:1.4.2.5:::::::*
	cpe:2.3:a:merethis:centreon:1.4.2.7:::::::*
	cpe:2.3:a:merethis:centreon:1.4:::::::*
	cpe:2.3:a:merethis:centreon:2.1.0:::::::*
	cpe:2.3:a:merethis:centreon:2.0:rc5::::::
	cpe:2.3:a:merethis:centreon:1.4.2.4:::::::*
	cpe:2.3:a:merethis:centreon:1.4.2.1:::::::*
	cpe:2.3:a:merethis:centreon:1.4.2:::::::*
	cpe:2.3:a:merethis:centreon:1.4.2.3:::::::*
	cpe:2.3:a:merethis:centreon:2.0:rc4::::::
	cpe:2.3:a:merethis:centreon:2.0:rc2::::::
	cpe:2.3:a:merethis:centreon:1.4.2.2:::::::*
	cpe:2.3:a:merethis:centreon:2.0:rc3::::::
	cpe:2.3:a:merethis:centreon:2.0:b4::::::
	cpe:2.3:a:merethis:centreon:2.0:b3::::::
	cpe:2.3:a:merethis:centreon:2.0:b6::::::
	cpe:2.3:a:merethis:centreon:2.0:rc1::::::
	cpe:2.3:a:merethis:centreon:1.4.1:::::::*
	cpe:2.3:a:merethis:centreon:2.0:b5::::::

Information

Published : 2009-12-21 08:30

Updated : 2017-08-16 18:31

NVD link : CVE-2009-4368

Mitre link : CVE-2009-4368

JSON object : View

CWE

NVD-CWE-noinfo

Advertisement

Products Affected

merethis

centreon

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.centreon.com/Development/changelog-2x.html", "name": "http://www.centreon.com/Development/changelog-2x.html", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.vupen.com/english/advisories/2009/3578", "name": "ADV-2009-3578", "tags": ["Patch", "Vendor Advisory"], "refsource": "VUPEN"}, {"url": "http://www.securityfocus.com/bid/37383", "name": "37383", "tags": [], "refsource": "BID"}, {"url": "http://osvdb.org/61183", "name": "61183", "tags": [], "refsource": "OSVDB"}, {"url": "http://secunia.com/advisories/37808", "name": "37808", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54893", "name": "centreon-ping-security-bypass(54893)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in Centreon before 2.1.4 have unknown impact and attack vectors in the (1) ping tool, (2) traceroute tool, and (3) ldap import, possibly related to improper authentication."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2009-4368", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "acInsufInfo": true, "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2009-12-21T16:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:merethis:centreon:2.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:2.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:2.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "2.1.3"}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:2.0:b2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:2.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:1.4.2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:1.4.2.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:1.4.2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:2.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:2.0:rc5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:1.4.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:1.4.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:1.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:1.4.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:2.0:rc4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:2.0:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:1.4.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:2.0:rc3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:2.0:b4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:2.0:b3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:2.0:b6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:2.0:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:1.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:merethis:centreon:2.0:b5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-17T01:31Z"}