9

CVE-2019-19699

Exploit

EPSS 8.91%
Veröffentlicht 06.04.2020 16:15:13
Zuletzt bearbeitet 21.11.2024 04:35:13
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

There is Authenticated remote code execution in Centreon Infrastructure Monitoring Software through 19.10 via Pollers misconfiguration, leading to system compromise via apache crontab misconfiguration, This allows the apache user to modify an executable file executed by root at 22:30 every day. To exploit the vulnerability, someone must have Admin access to the Centreon Web Interface and create a custom main.php?p=60803&type=3 command. The user must then set the Pollers Post-Restart Command to this previously created command via the main.php?p=60901&o=c&server_id=1 URI. This is triggered via an export of the Poller Configuration.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Centreon ≫ Centreon Version <= 19.10

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	8.91%	0.922

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	1.2	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	9	8	10	AV:N/AC:L/Au:S/C:C/I:C/A:C

CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

https://download.centreon.com/

Vendor Advisory

https://github.com/SpengeSec/CVE-2019-19699

Third Party Advisory

Exploit

https://spenge.pw/cves/

Third Party Advisory

https://twitter.com/SpengeSec/status/1204418071764463618

Third Party Advisory

https://www.centreon.com/

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-19699

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-19699

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-19699

EUVD