CVE-2024-45754 — Vulnetix

Try Vulnetix Request Demo

CVE-2024-45754 PUBLISHED CVSS 7.199999809265137 HIGH

An issue was discovered in the centreon-bi-server component in Centreon BI Server 24.04.x before 24.04.3, 23.10.x before 23.10.8, 23.04.x before 23.04.11, and 22.10.x before 22.10.11. SQL injection can occur in the listing of configured reporting jobs. Exploitation is only accessible to authenticated users with high-privileged access.

EPSS 0.17% · 38.6th percentile

Risk Scores

CVSS v3.1

7.199999809265137

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Score

0.17%

38.6th percentile

Affected Products

Vendor	Product	Versions
centreon	centreon	24.04.0, 22.10.0, 23.10.0
n/a	n/a	n/a
Centreon	Web
Centreon	BI Server

Timeline

Oct 11, 2024 CVE Published
Oct 12, 2024 EPSS Score
Oct 14, 2024 Coalition ESS Score
Oct 15, 2024 CVE Updated
Oct 17, 2024 Coalition ESS Score
Oct 30, 2024 EPSS Score
Nov 17, 2024 EPSS Score
Dec 7, 2024 EPSS Score
Dec 25, 2024 EPSS Score
Jan 12, 2025 EPSS Score
Jan 30, 2025 EPSS Score
Jan 31, 2025 Coalition ESS Score

References

Open in Interactive Console →