CVE-2020-10945: Infoleak
First published: Wed May 27 2020(Updated: )
Centreon before 19.10.7 exposes Session IDs in server responses.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| composer/centreon/centreon | <2.8.32 | 2.8.32 |
| composer/centreon/centreon | >=18.0.0<18.10.11 | 18.10.11 |
| composer/centreon/centreon | >=19.0.0<19.04.10 | 19.04.10 |
| composer/centreon/centreon | >=19.10.0<19.10.7 | 19.10.7 |
| Centreon Centreon | <=2.8.2 | |
| Centreon Centreon | >=18.10.0<18.10.11 | |
| Centreon Centreon | >=19.04.0<19.04.10 | |
| Centreon Centreon | >=19.10<19.10.7 | |
| Centreon Widget-host-monitoring | <1.6.4 | |
| Centreon Widget-host-monitoring | >=18.10.0<18.10.3 | |
| Centreon Widget-host-monitoring | >=19.04.0<19.04.3 | |
| Centreon Widget-host-monitoring | =19.10.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://nvd.nist.gov/vuln/detail/CVE-2020-10945
- https://github.com/centreon/centreon-archived/pull/8291
- https://github.com/centreon/centreon-archived/commit/02a3248602ce194fbb098af34be4652565db2468
- https://github.com/centreon/centreon-archived/commit/1c14a8ee07225836bdd2ca480e47a63070a11bb9
- https://github.com/centreon/centreon-archived/commit/afa0ee6d43d22860ae435163559912696569fc2f
- https://github.com/centreon/centreon-archived/commit/fbee38536960eecaf52eda2bf31b90859c018b66
- https://web.archive.org/web/20200625084841/https://sysdream.com/news/lab/2020-05-13-cve-2020-10945-centreon-session-id-exposure/
- https://github.com/advisories/GHSA-h5qv-p378-3hhr (Advisory)
- https://sysdream.com/news/lab/2020-05-13-cve-2020-10945-centreon-session-id-exposure
Frequently Asked Questions
What is CVE-2020-10945?
CVE-2020-10945 is a vulnerability in Centreon before version 19.10.7 that exposes Session IDs in server responses.
How severe is CVE-2020-10945?
CVE-2020-10945 is classified as a medium severity vulnerability.
How does CVE-2020-10945 affect Centreon?
CVE-2020-10945 affects Centreon versions before 19.10.7.
What is the remedy for CVE-2020-10945?
The remedy for CVE-2020-10945 is to update Centreon to version 19.10.7 or later.
Where can I find more information about CVE-2020-10945?
More information about CVE-2020-10945 can be found on the NIST National Vulnerability Database (NVD) website.
- collector/github-advisory-latest
- alias/GHSA-h5qv-p378-3hhr
- alias/CVE-2020-10945
- collector/github-advisory
- collector/nvd-index
- collector/nvd-cve
- agent/type
- agent/description
- agent/severity
- agent/author
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- agent/weakness
- agent/last-modified-date
- agent/references
- collector/mitre-cve
- source/MITRE
- package-manager/composer
- vendor/centreon
- canonical/centreon centreon
- version/centreon centreon/2.8.2
- version/centreon centreon/18.10.0
- version/centreon centreon/19.04.0
- version/centreon centreon/19.10
- canonical/centreon widget-host-monitoring
- version/centreon widget-host-monitoring/18.10.0
- version/centreon widget-host-monitoring/19.04.0
- version/centreon widget-host-monitoring/19.10.0