GSA_kwCzR0hTQS1mMjRqLWY5N3ctNjVoOM4AAiRn

Critical EPSS: 0.00218% (0.44565 Percentile) EPSS:

Permalink JSON

Centreon Privilege Escalation

Affected Packages	Affected Versions	Fixed Versions
packagist:centreon/centreon	<= 19.04.3	No known fixed version
0 Dependent packages 3 Dependent repositories 13,599 Downloads total Affected Version Ranges All affected versions 2.7.3, 2.99.1, 2.99.2, 2.99.3, 2.99.4, 2.99.5, 18.10.6, 18.10.7, 18.10.8, 18.10.9, 18.10.10, 18.10.11, 18.10.12, 19.4.2, 19.4.3

In Centreon VM through 19.04.3, centreon-backup.pl allows attackers to become root via a crafted script, due to incorrect rights of sourced configuration files.

References:

https://nvd.nist.gov/vuln/detail/CVE-2018-21025
https://www.openwall.com/lists/oss-security/2019/10/08/1
https://github.com/centreon/centreon-archived/issues/7082
https://github.com/advisories/GHSA-f24j-f97w-65h8

Identifiers

GHSA-f24j-f97w-65h8

CVE-2018-21025

Risk

Severity

Critical

EPSS

EPSS Percentage: 0.00218

EPSS Percentile: 0.44565

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/centreon/centreon-archived

Date and time

Published

over 3 years ago

Updated

almost 2 years ago

API

JSON

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Advisories