VDB
CVE-2024-45754
CVE-2024-45754
PUBLISHED
CVSS 7.199999809265137 HIGH
An issue was discovered in the centreon-bi-server component in Centreon BI Server 24.04.x before 24.04.3, 23.10.x before 23.10.8, 23.04.x before 23.04.11, and 22.10.x before 22.10.11. SQL injection can occur in the listing of configured reporting jobs. Exploitation is only accessible to authenticated users with high-privileged access.
EPSS 0.17% · 38.6th percentile
Risk Scores
CVSS 3.1
7.199999809265137
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.17%
38.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| centreon | centreon | 23.04.0, 23.10.0, 24.04.0 |
| n/a | n/a | * |
| Centreon | Web | |
| Centreon | BI Server |
Exploit Intelligence
Timeline
- Oct 11, 2024 CVE Published
- Oct 12, 2024 EPSS Score
- Oct 14, 2024 Coalition ESS Score
- Oct 15, 2024 CVE Updated
- Oct 17, 2024 Coalition ESS Score
- Oct 31, 2024 EPSS Score
- Nov 19, 2024 EPSS Score
- Dec 8, 2024 EPSS Score
- Dec 27, 2024 EPSS Score
- Jan 15, 2025 EPSS Score
- Jan 31, 2025 Coalition ESS Score
- Feb 3, 2025 EPSS Score
References
- https://github.com/centreon/centreon/releases url
- https://www.algosecure.fr/actualites/blog url
- https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-45754-centreon-mbi-high-severity-3888 url
- https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-45754-centreon-mbi-high-severity-3888?postid=13706#post13706 advisory
- https://thewatch.centreon.com/latest-security-bulletins-64/security-bulletin-for-centreon-web-3855?postid=13625#post13625 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-45754 advisory