Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
A high privilege user is able to create and use a valid admin API token in centreon-web
Vulnerability Description
Incorrect Authorization vulnerability in Centreon web (API Token creation form modules) allows Privilege Escalation.This issue affects web: from 24.04.0 before 24.04.10, from 24.10.0 before 24.10.4.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
授权机制不正确
Vulnerability Title
Centreon 安全漏洞
Vulnerability Description
Centreon是法国Centreon公司的一套开源的系统监控工具 。该产品主要提供对网络、系统和应用程序等资源的监控功能。 Centreon 24.04.0至24.04.10之前版本和24.10.0至24.10.4之前版本存在安全漏洞,该漏洞源于API令牌创建表单权限管理不当,可能导致权限提升。
CVSS Information
N/A
Vulnerability Type
N/A