CVE-2020-9463: OS Command Injection
First published: Fri Feb 28 2020(Updated: )
Centreon 19.10 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the server_ip field in JSON data in an api/internal.php?object=centreon_configuration_remote request.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Centreon Centreon | =19.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for Centreon 19.10?
The vulnerability ID for Centreon 19.10 is CVE-2020-9463.
What is the severity of CVE-2020-9463?
The severity of CVE-2020-9463 is critical with a CVSS score of 8.8.
How does Centreon 19.10 allow remote authenticated users to execute arbitrary OS commands?
Centreon 19.10 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the server_ip field in JSON data in an api/internal.php?object=centreon_configuration_remote request.
What is the affected software version for CVE-2020-9463?
The affected software version for CVE-2020-9463 is Centreon 19.10.
Is there a fix available for CVE-2020-9463?
There is currently no known fix available for CVE-2020-9463. It is recommended to update to a newer version of Centreon when a fix becomes available.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/centreon
- canonical/centreon centreon
- version/centreon centreon/19.10