Centreon 'command_name' Parameter Remote Command Execution Vulnerability Network Vulnerability

Summary

Centreon is prone to a remote command-injection vulnerability. Attackers can exploit this issue to execute arbitrary commands in the context of the application. Centreon 2.3.1 is affected other versions may also be vulnerable.

Solution

Updates are available. Please see the references for more information.

References

http://www.centreon.com/
http://www.securityfocus.com/bid/50568
https://www.trustwave.com/spiderlabs/advisories/TWSL2011-017.txt

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Apache Tomcat HTTP BIO Connector Information Disclosure Vulnerability
Apache Tomcat Cross-Site Scripting and Security Bypass Vulnerabilities
AfterLogic WebMail Pro Multiple Cross Site Scripting Vulnerabilities
/cgi-bin directory browsable ?
1024 CMS 1.1.0 Beta 'force_download.php' Local File Include Vulnerability

Take action and discover your vulnerabilities