CVE-2024-55573

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-55573
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-55573.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-55573
Published
2025-01-23T23:15:08Z
Modified
2025-07-01T16:12:47.495729Z
Severity
  • 7.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
[none]
Details

An issue was discovered in Centreon centreon-web 24.10.x before 24.10.3, 24.04.x before 24.04.9, 23.10.x before 23.10.19, 23.04.x before 23.04.24. A user with high privileges is able to inject SQL into the form used to create virtual metrics.

References

Affected packages

Git / github.com/centreon/centreon

Affected ranges

Type
GIT
Repo
https://github.com/centreon/centreon
Events

Affected versions

centreon-awie-23.*

centreon-awie-23.04.0
centreon-awie-23.04.1

centreon-dsm-23.*

centreon-dsm-23.04.0
centreon-dsm-23.04.1
centreon-dsm-23.04.2
centreon-dsm-23.04.3

centreon-gorgone-23.*

centreon-gorgone-23.04.0
centreon-gorgone-23.04.1
centreon-gorgone-23.04.10
centreon-gorgone-23.04.12
centreon-gorgone-23.04.15
centreon-gorgone-23.04.2
centreon-gorgone-23.04.3
centreon-gorgone-23.04.4
centreon-gorgone-23.04.5
centreon-gorgone-23.04.6
centreon-gorgone-23.04.7
centreon-gorgone-23.04.8
centreon-gorgone-23.04.9

centreon-ha-23.*

centreon-ha-23.04.0

centreon-open-tickets-23.*

centreon-open-tickets-23.04.0
centreon-open-tickets-23.04.1
centreon-open-tickets-23.04.2
centreon-open-tickets-23.04.3
centreon-open-tickets-23.04.4
centreon-open-tickets-23.04.5

centreon-web-23.*

centreon-web-23.04.0
centreon-web-23.04.1
centreon-web-23.04.10
centreon-web-23.04.11
centreon-web-23.04.12
centreon-web-23.04.13
centreon-web-23.04.14
centreon-web-23.04.15
centreon-web-23.04.19
centreon-web-23.04.2
centreon-web-23.04.20
centreon-web-23.04.21
centreon-web-23.04.22
centreon-web-23.04.23
centreon-web-23.04.3
centreon-web-23.04.4
centreon-web-23.04.5
centreon-web-23.04.6
centreon-web-23.04.7
centreon-web-23.04.8
centreon-web-23.04.9

centreon-widget-engine-status-23.*

centreon-widget-engine-status-23.04.0
centreon-widget-engine-status-23.04.1

centreon-widget-global-health-23.*

centreon-widget-global-health-23.04.0
centreon-widget-global-health-23.04.1

centreon-widget-graph-monitoring-23.*

centreon-widget-graph-monitoring-23.04.0
centreon-widget-graph-monitoring-23.04.2

centreon-widget-host-monitoring-23.*

centreon-widget-host-monitoring-23.04.0
centreon-widget-host-monitoring-23.04.1
centreon-widget-host-monitoring-23.04.2

centreon-widget-hostgroup-monitoring-23.*

centreon-widget-hostgroup-monitoring-23.04.0
centreon-widget-hostgroup-monitoring-23.04.1

centreon-widget-httploader-23.*

centreon-widget-httploader-23.04.0

centreon-widget-live-top10-cpu-usage-23.*

centreon-widget-live-top10-cpu-usage-23.04.0
centreon-widget-live-top10-cpu-usage-23.04.1

centreon-widget-live-top10-memory-usage-23.*

centreon-widget-live-top10-memory-usage-23.04.0
centreon-widget-live-top10-memory-usage-23.04.1

centreon-widget-ntopng-listing-23.*

centreon-widget-ntopng-listing-23.04.0

centreon-widget-service-monitoring-23.*

centreon-widget-service-monitoring-23.04.0
centreon-widget-service-monitoring-23.04.1

centreon-widget-servicegroup-monitoring-23.*

centreon-widget-servicegroup-monitoring-23.04.0
centreon-widget-servicegroup-monitoring-23.04.1

centreon-widget-single-metric-23.*

centreon-widget-single-metric-23.04.0
centreon-widget-single-metric-23.04.1

centreon-widget-tactical-overview-23.*

centreon-widget-tactical-overview-23.04.0
centreon-widget-tactical-overview-23.04.1