CVE-2019-17644
First published: Wed Mar 04 2020(Updated: )
An issue was discovered in Centreon before 2.8-30, 18.10-8, 19.04-5, and 19.10-2.. It provides sensitive information via an unauthenticated direct request for include/configuration/configObject/host/refreshMacroAjax.php.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Centreon Centreon | <2.8.30 | |
| Centreon Centreon | >=2.8.4<18.10.8 | |
| Centreon Centreon | >=19.0.0<19.04.5 | |
| Centreon Centreon | >=19.04.6<19.10.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-17644?
CVE-2019-17644 is a vulnerability discovered in Centreon before versions 2.8-30, 18.10-8, 19.04-5, and 19.10-2. It allows sensitive information to be accessed via an unauthenticated direct request.
What software versions are affected by CVE-2019-17644?
Centreon versions 2.8.30, 2.8.4 to 18.10.8, 19.0.0 to 19.04.5, and 19.04.6 to 19.10.2 are affected.
What is the severity of CVE-2019-17644?
CVE-2019-17644 has a severity rating of 7.5 (High).
How can I fix CVE-2019-17644?
To fix CVE-2019-17644, it is recommended to upgrade Centreon to version 2.8.30, 18.10.8, 19.04.5, or 19.10.2 or later.
Where can I find more information about CVE-2019-17644?
You can find more information about CVE-2019-17644 in the Centreon release notes at https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.10/index.html.
- collector/nvd-index
- agent/references
- agent/type
- agent/event
- vendor/centreon
- canonical/centreon centreon
- version/centreon centreon/2.8.4
- version/centreon centreon/19.0.0
- version/centreon centreon/19.04.6