First published: Thu Apr 15 2021
An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. The anti-CSRF token generation is predictable, which might allow CSRF attacks that add an admin user.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Centreon Centreon | =20.10.0 | |
CVE-2021-28055 is an issue discovered in Centreon-Web in Centreon Platform 20.10.0, where the anti-CSRF token generation is predictable, allowing CSRF attacks to add an admin user.
CVE-2021-28055 has a severity level of medium, with a CVSS score of 6.5.
CVE-2021-28055 affects Centreon Platform 20.10.0, allowing CSRF attacks to add an admin user.
To fix CVE-2021-28055, upgrade Centreon Platform to a version that addresses the predictable anti-CSRF token generation.
More information about CVE-2021-28055 can be found at the following reference: [https://github.com/centreon/centreon/pull/9612](https://github.com/centreon/centreon/pull/9612).