Search criteria
4 vulnerabilities found for centreon_vm by centreon
CVE-2019-17104 (GCVE-0-2019-17104)
Vulnerability from nvd – Published: 2019-10-08 12:19 – Updated: 2024-08-05 01:33
VLAI
Summary
In Centreon VM through 19.04.3, the cookie configuration within the Apache HTTP Server does not protect against theft because the HTTPOnly flag is not set.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/centreon/centreon/issues/7097 | x_refsource_MISC |
| https://www.openwall.com/lists/oss-security/2019/… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2019/10/09/2 | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:33:17.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/centreon/centreon/issues/7097"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2019/10/08/1"
},
{
"name": "[oss-security] 20191009 Re: Multiple vulnerabilities in Centreon-Web and Centreon-VM",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/09/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Centreon VM through 19.04.3, the cookie configuration within the Apache HTTP Server does not protect against theft because the HTTPOnly flag is not set."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-09T08:06:03.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/centreon/centreon/issues/7097"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2019/10/08/1"
},
{
"name": "[oss-security] 20191009 Re: Multiple vulnerabilities in Centreon-Web and Centreon-VM",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/09/2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17104",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Centreon VM through 19.04.3, the cookie configuration within the Apache HTTP Server does not protect against theft because the HTTPOnly flag is not set."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/centreon/centreon/issues/7097",
"refsource": "MISC",
"url": "https://github.com/centreon/centreon/issues/7097"
},
{
"name": "https://www.openwall.com/lists/oss-security/2019/10/08/1",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2019/10/08/1"
},
{
"name": "[oss-security] 20191009 Re: Multiple vulnerabilities in Centreon-Web and Centreon-VM",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/10/09/2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-17104",
"datePublished": "2019-10-08T12:19:30.000Z",
"dateReserved": "2019-10-03T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:33:17.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-21025 (GCVE-0-2018-21025)
Vulnerability from nvd – Published: 2019-10-08 12:18 – Updated: 2024-08-05 12:19
VLAI
Summary
In Centreon VM through 19.04.3, centreon-backup.pl allows attackers to become root via a crafted script, due to incorrect rights of sourced configuration files.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/centreon/centreon/issues/7082 | x_refsource_MISC |
| https://www.openwall.com/lists/oss-security/2019/… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2019/10/09/2 | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:19:27.202Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/centreon/centreon/issues/7082"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2019/10/08/1"
},
{
"name": "[oss-security] 20191009 Re: Multiple vulnerabilities in Centreon-Web and Centreon-VM",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/09/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Centreon VM through 19.04.3, centreon-backup.pl allows attackers to become root via a crafted script, due to incorrect rights of sourced configuration files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-09T08:06:07.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/centreon/centreon/issues/7082"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2019/10/08/1"
},
{
"name": "[oss-security] 20191009 Re: Multiple vulnerabilities in Centreon-Web and Centreon-VM",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/09/2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-21025",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Centreon VM through 19.04.3, centreon-backup.pl allows attackers to become root via a crafted script, due to incorrect rights of sourced configuration files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/centreon/centreon/issues/7082",
"refsource": "MISC",
"url": "https://github.com/centreon/centreon/issues/7082"
},
{
"name": "https://www.openwall.com/lists/oss-security/2019/10/08/1",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2019/10/08/1"
},
{
"name": "[oss-security] 20191009 Re: Multiple vulnerabilities in Centreon-Web and Centreon-VM",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/10/09/2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-21025",
"datePublished": "2019-10-08T12:18:39.000Z",
"dateReserved": "2019-10-03T00:00:00.000Z",
"dateUpdated": "2024-08-05T12:19:27.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-17104 (GCVE-0-2019-17104)
Vulnerability from cvelistv5 – Published: 2019-10-08 12:19 – Updated: 2024-08-05 01:33
VLAI
Summary
In Centreon VM through 19.04.3, the cookie configuration within the Apache HTTP Server does not protect against theft because the HTTPOnly flag is not set.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/centreon/centreon/issues/7097 | x_refsource_MISC |
| https://www.openwall.com/lists/oss-security/2019/… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2019/10/09/2 | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:33:17.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/centreon/centreon/issues/7097"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2019/10/08/1"
},
{
"name": "[oss-security] 20191009 Re: Multiple vulnerabilities in Centreon-Web and Centreon-VM",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/09/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Centreon VM through 19.04.3, the cookie configuration within the Apache HTTP Server does not protect against theft because the HTTPOnly flag is not set."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-09T08:06:03.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/centreon/centreon/issues/7097"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2019/10/08/1"
},
{
"name": "[oss-security] 20191009 Re: Multiple vulnerabilities in Centreon-Web and Centreon-VM",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/09/2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17104",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Centreon VM through 19.04.3, the cookie configuration within the Apache HTTP Server does not protect against theft because the HTTPOnly flag is not set."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/centreon/centreon/issues/7097",
"refsource": "MISC",
"url": "https://github.com/centreon/centreon/issues/7097"
},
{
"name": "https://www.openwall.com/lists/oss-security/2019/10/08/1",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2019/10/08/1"
},
{
"name": "[oss-security] 20191009 Re: Multiple vulnerabilities in Centreon-Web and Centreon-VM",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/10/09/2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-17104",
"datePublished": "2019-10-08T12:19:30.000Z",
"dateReserved": "2019-10-03T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:33:17.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-21025 (GCVE-0-2018-21025)
Vulnerability from cvelistv5 – Published: 2019-10-08 12:18 – Updated: 2024-08-05 12:19
VLAI
Summary
In Centreon VM through 19.04.3, centreon-backup.pl allows attackers to become root via a crafted script, due to incorrect rights of sourced configuration files.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/centreon/centreon/issues/7082 | x_refsource_MISC |
| https://www.openwall.com/lists/oss-security/2019/… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2019/10/09/2 | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:19:27.202Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/centreon/centreon/issues/7082"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2019/10/08/1"
},
{
"name": "[oss-security] 20191009 Re: Multiple vulnerabilities in Centreon-Web and Centreon-VM",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/09/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Centreon VM through 19.04.3, centreon-backup.pl allows attackers to become root via a crafted script, due to incorrect rights of sourced configuration files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-09T08:06:07.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/centreon/centreon/issues/7082"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2019/10/08/1"
},
{
"name": "[oss-security] 20191009 Re: Multiple vulnerabilities in Centreon-Web and Centreon-VM",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/09/2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-21025",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Centreon VM through 19.04.3, centreon-backup.pl allows attackers to become root via a crafted script, due to incorrect rights of sourced configuration files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/centreon/centreon/issues/7082",
"refsource": "MISC",
"url": "https://github.com/centreon/centreon/issues/7082"
},
{
"name": "https://www.openwall.com/lists/oss-security/2019/10/08/1",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2019/10/08/1"
},
{
"name": "[oss-security] 20191009 Re: Multiple vulnerabilities in Centreon-Web and Centreon-VM",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/10/09/2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-21025",
"datePublished": "2019-10-08T12:18:39.000Z",
"dateReserved": "2019-10-03T00:00:00.000Z",
"dateUpdated": "2024-08-05T12:19:27.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}