Centreon is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and gain unauthorized access to certain functionality, which may lead to further attacks. Versions prior to Centreon 2.1.4 are vulnerable.
Updates are available. Please see the references for details.
- Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object Remote Code Execution
- ASP Inline Corporate Calendar SQL injection
- Artifectx xClassified 'catid' SQL Injection Vulnerability
- Acute Control Panel SQL Injection Vulnerability and Remote File Include Vulnerability
- Atlassian JIRA Privilege Escalation and Multiple Cross Site Scripting Vulnerabilities