SQL injection vulnerabilities in Centreon through 19.04 allow attacks via the svc_id parameter in include/monitoring/status/Services/xml/makeXMLForOneService.php.
References
Link | Resource |
---|---|
https://github.com/centreon/centreon/releases | Release Notes Third Party Advisory |
https://github.com/centreon/centreon/pull/7862 | Patch Third Party Advisory |
Configurations
Information
Published : 2019-09-25 09:15
Updated : 2019-09-25 11:28
NVD link : CVE-2019-16194
Mitre link : CVE-2019-16194
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
centreon
- centreon