CVE-2019-17106
published 2019-10-08CVE-2019-17106: In Centreon Web through 2.8.29, disclosure of external components' passwords allows authenticated attackers to move laterally to external components.
PriorityP431medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EPSS
1.07%
60.6th percentile
In Centreon Web through 2.8.29, disclosure of external components' passwords allows authenticated attackers to move laterally to external components.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| centreon | centreon | >= 0 < 2.8.30 | 2.8.30 |
| centreon | centreon_web | <= 2.8.29 | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Centreon Sensitive Data Exposure
osv·2022-05-24
CVE-2019-17106 [MEDIUM] Centreon Sensitive Data Exposure
Centreon Sensitive Data Exposure
In Centreon Web through 2.8.29, disclosure of external components' passwords allows authenticated attackers to move laterally to external components.
GHSA
Centreon Sensitive Data Exposure
ghsa·2022-05-24
CVE-2019-17106 [MEDIUM] CWE-312 Centreon Sensitive Data Exposure
Centreon Sensitive Data Exposure
In Centreon Web through 2.8.29, disclosure of external components' passwords allows authenticated attackers to move laterally to external components.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.openwall.com/lists/oss-security/2019/10/09/2https://github.com/centreon/centreon/issues/7098https://www.openwall.com/lists/oss-security/2019/10/08/1http://www.openwall.com/lists/oss-security/2019/10/09/2https://github.com/centreon/centreon/issues/7098https://www.openwall.com/lists/oss-security/2019/10/08/1
2019-10-08
Published