What is the severity of CVE-2022-3827?

The severity of CVE-2022-3827 is critical with a severity value of 9.8.

How does CVE-2022-3827 affect centreon?

CVE-2022-3827 affects centreon by allowing remote attackers to initiate a SQL injection attack through manipulation of the 'cg_id' argument in the 'formContactGroup.php' file of the Contact Groups Form component.

What is the affected software version of CVE-2022-3827?

The affected software version of CVE-2022-3827 is up to exclusive version 22.10.0 of centreon.

How can I fix CVE-2022-3827?

To fix CVE-2022-3827, it is recommended to update centreon to a version that includes the fix described in the provided references.

What is the Common Weakness Enumeration (CWE) of CVE-2022-3827?

The Common Weakness Enumeration (CWE) of CVE-2022-3827 includes CWE-89 (SQL Injection), CWE-707 (Improper Enforcement of Message Integrity During Transmission in a Communication Channel), and CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'))

Vulnerability/
CVE-2022-3827

critical

9.8

CWE

707 74 89

2/11/2022

3/8/2024

CVE-2022-3827: centreon Contact Groups Form formContactGroup.php sql injection

First published: Wed Nov 02 2022(Updated: )

A vulnerability was found in centreon. It has been declared as critical. This vulnerability affects unknown code of the file formContactGroup.php of the component Contact Groups Form. The manipulation of the argument cg_id leads to sql injection. The attack can be initiated remotely. The name of the patch is 293b10628f7d9f83c6c82c78cf637cbe9b907369. It is recommended to apply a patch to fix this issue. VDB-212794 is the identifier assigned to this vulnerability.

Credit: cna@vuldb.com

Affected Software	Affected Version	How to fix
Centreon Centreon	<22.10.0

Remedy

https://github.com/centreon/centreon/commit/293b10628f7d9f83c6c82c78cf637cbe9b907369

Remedy

https://github.com/centreon/centreon/pull/11869

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2022-3827?
The severity of CVE-2022-3827 is critical with a severity value of 9.8.
How does CVE-2022-3827 affect centreon?
CVE-2022-3827 affects centreon by allowing remote attackers to initiate a SQL injection attack through manipulation of the 'cg_id' argument in the 'formContactGroup.php' file of the Contact Groups Form component.
What is the affected software version of CVE-2022-3827?
The affected software version of CVE-2022-3827 is up to exclusive version 22.10.0 of centreon.
How can I fix CVE-2022-3827?
To fix CVE-2022-3827, it is recommended to update centreon to a version that includes the fix described in the provided references.
What is the Common Weakness Enumeration (CWE) of CVE-2022-3827?
The Common Weakness Enumeration (CWE) of CVE-2022-3827 includes CWE-89 (SQL Injection), CWE-707 (Improper Enforcement of Message Integrity During Transmission in a Communication Channel), and CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'))

collector/nvd-index
agent/type
agent/remedy
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/last-modified-date
agent/author
agent/title
agent/references
agent/severity
agent/tags
agent/description
agent/first-publish-date
agent/event
vendor/centreon
canonical/centreon centreon

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.