Centreon Web Vulnerabilities: CVE-2024-39841, CVE-2024-33854, CVE-2024-33853, CVE-2024-33852, CVE-2024-32501
Centreon Web, a widely deployed IT monitoring platform, has had five SQL injection vulnerabilities disclosed that could allow an attacker to run arbitrary SQL against the Centreon database and read or modify data they should not be able to reach. Each flaw has been assigned a CVE (Common Vulnerabilities and Exposures) identifier; together they affect several components of Centreon Web across all maintained version branches, and all five share the same affected version ranges.
CVE-2024-39841: Service Configuration Vulnerability
CVE-2024-39841 is a SQL injection vulnerability in the service configuration functionality of Centreon Web versions 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23. It carries a CVSS (Common Vulnerability Scoring System) score of 8.8, which is High severity. An attacker who reaches the affected configuration page could inject arbitrary SQL, gaining unauthorized access to the Centreon database and the monitoring configuration and user account data stored there. Note that the configuration pages sit behind the Centreon login, so the realistic attacker is an authenticated user: a compromised or low-privileged monitoring account is enough to reach the injection point.
CVE-2024-33854: Graph Template Vulnerability
CVE-2024-33854 affects the Graph Template component in the same version range. An injected value can alter the SQL queries behind graph templates, which could corrupt or expose data in the Centreon database. This flaw is also rated High; because the injection reaches the database rather than only the graph template records, the integrity of the monitoring data as a whole is at risk.
CVE-2024-33853: Timeperiod Vulnerability
CVE-2024-33853 affects the Timeperiod component in Centreon Web versions 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23. Exploitation could let an attacker tamper with time period definitions, which govern when checks run and when notifications are sent, disrupting monitoring and alerting; as with the other entries, the injection also gives access to the database beyond the time period tables.
CVE-2024-33852: Downtime Vulnerability
CVE-2024-33852 affects the Downtime component in the same version range as the previous vulnerabilities. An attacker could create or alter scheduled downtimes, which suppress notifications for the hosts and services they cover, so that real failures go unreported and the reliability of the monitoring is undermined.
CVE-2024-32501: updateServiceHost Vulnerability
CVE-2024-32501 lies in the updateServiceHost functionality of Centreon Web versions 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23. Exploitation could allow unauthorized modifications to service configurations, together with the broader database access that any SQL injection provides, which could severely impact monitoring operations and security.
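All five entries are the same bug class: a value under user control is spliced into a SQL string, so it becomes part of the query grammar rather than data. The following is an added illustration, not Centreon's code and not its database schema; the tables, rows and the `find_timeperiod_*` functions are constructed for the example. It uses SQLite so it runs offline, but the point is identical for the MySQL/MariaDB database Centreon uses: the concatenating version lets a crafted name return every row or pull data out of an unrelated table, while the parameterized version treats the same input as a plain string.

```python
import sqlite3

# Constructed in-memory schema for the illustration; not Centreon's schema.
def make_db():
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE timeperiods (id INTEGER PRIMARY KEY, name TEXT, alias TEXT)")
    con.executemany(
        "INSERT INTO timeperiods (name, alias) VALUES (?, ?)",
        [("24x7", "always"), ("workhours", "mon-fri 09-17"), ("none", "never")],
    )
    # An unrelated table that a timeperiod lookup was never meant to expose.
    con.execute("CREATE TABLE accounts (id INTEGER PRIMARY KEY, login TEXT, password_hash TEXT)")
    con.execute(
        "INSERT INTO accounts (login, password_hash) VALUES (?, ?)",
        ("admin", "$2y$10$constructed-hash-not-real"),
    )
    con.commit()
    return con


def find_timeperiod_vulnerable(con, name):
    """Vulnerable pattern: the caller's value is concatenated into the SQL text."""
    sql = "SELECT id, name FROM timeperiods WHERE name = '" + name + "'"
    return con.execute(sql).fetchall()


def find_timeperiod_fixed(con, name):
    """Hardened pattern: a bound parameter, so the value can never change the query grammar."""
    sql = "SELECT id, name FROM timeperiods WHERE name = ?"
    return con.execute(sql, (name,)).fetchall()


if __name__ == "__main__":
    con = make_db()
    benign = "24x7"
    boolean_payload = "x' OR 1=1 --"  # turns the WHERE clause into a tautology
    union_payload = "x' UNION SELECT id, password_hash FROM accounts --"  # reads another table
    print("vulnerable, benign :", find_timeperiod_vulnerable(con, benign))
    print("vulnerable, OR 1=1 :", find_timeperiod_vulnerable(con, boolean_payload))
    print("vulnerable, UNION  :", find_timeperiod_vulnerable(con, union_payload))
    print("fixed, OR 1=1      :", find_timeperiod_fixed(con, boolean_payload))
    print("fixed, UNION       :", find_timeperiod_fixed(con, union_payload))
```

The `--` at the end of each payload comments out the closing quote the application appended, which is why the injected text parses cleanly. The fix is not escaping or filtering the name but binding it as a parameter; the same query shape applied across the configuration pages named above is what the Centreon updates deliver.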
Impact and Recommendations
All on-premise Centreon Web releases before the fixed versions are vulnerable to these SQL injection flaws; Centreon Cloud platforms have already been updated. An instance whose web interface is reachable from the internet is at markedly higher risk: the injection points are in the web UI, so exposure widens the pool of accounts and sessions an attacker can use to reach them, and successful exploitation gives access to the database that holds the entire monitoring configuration.
To mitigate these risks, Centreon recommends updating to the fixed releases: 24.04.3 or later, 23.10.13 or later, 23.04.19 or later, or 22.10.23 or later, depending on the branch in use. Each of these releases is cumulative, so it also carries the fixes from earlier releases in its branch. Where the update cannot be applied immediately, restrict access to the Centreon web interface to trusted networks and review which accounts can log in to it, since every one of these injection points is reached through the authenticated web UI.
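To turn the version ranges above into a quick triage check, here is an added helper (not Centreon's tooling) that parses a Centreon Web version string and reports whether it falls below the fixed release for its branch. The branch table is taken from the ranges in this advisory; the handling of a trailing suffix such as `-1.el8` is an assumption about how OS package managers report the version, and the `assess` and `parse_version` names are the example's own.

```python
"""Triage helper: is a given Centreon Web version below the fixed release for its branch?"""
import re
import sys

# Fixed releases from the advisory, keyed by (major, minor) branch.
# Any version in a branch that sorts below its entry is affected by all five CVEs.
FIXED_BY_BRANCH = {
    (24, 4): (24, 4, 3),
    (23, 10): (23, 10, 13),
    (23, 4): (23, 4, 19),
    (22, 10): (22, 10, 23),
}

# Accepts '24.04.2', 'v23.10.12' and a package-style suffix like '23.10.12-1.el8' (assumed format).
_VERSION_RE = re.compile(r"\s*v?(\d+)\.(\d+)\.(\d+)(?:[-+.][\w.+-]*)?\s*")


def parse_version(text):
    """Return (major, minor, patch) as integers, or raise ValueError for unparseable input."""
    m = _VERSION_RE.fullmatch(text)
    if not m:
        raise ValueError(f"unrecognised Centreon Web version string: {text!r}")
    return tuple(int(part) for part in m.groups())


def fmt(version):
    major, minor, patch = version
    return f"{major}.{minor:02d}.{patch}"


def assess(text):
    """Return (status, detail); status is 'vulnerable', 'fixed' or 'unknown-branch'."""
    version = parse_version(text)
    fixed = FIXED_BY_BRANCH.get(version[:2])
    if fixed is None:
        # Deliberately not 'fixed': an unlisted branch may be end-of-life and never receive the patch.
        return ("unknown-branch",
                f"{fmt(version)} is not in a branch listed by the advisory; "
                "check Centreon's bulletin and support lifecycle for that branch")
    if version < fixed:
        return ("vulnerable", f"{fmt(version)} is affected; update to {fmt(fixed)} or later")
    return ("fixed", f"{fmt(version)} already includes the fixes")


if __name__ == "__main__":
    for arg in sys.argv[1:] or ["24.04.2"]:
        status, detail = assess(arg)
        print(f"{arg}: {status} ({detail})")
```

Feed it the version shown in the web interface's About dialog or reported by the OS package manager for the Centreon Web package. The `unknown-branch` result is intentional: a branch the bulletin does not list is not thereby safe, and the right next step is to check whether it is still supported at all.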
Conclusion
The disclosure of these SQL injection vulnerabilities in Centreon Web underscores the importance of timely patching and regular security review. Organizations running Centreon should apply the fixed releases promptly to protect their monitoring systems from exploitation and to preserve the reliability and integrity of the monitoring data those systems depend on.
https://nvd.nist.gov/