Centreon version 2.5.1 and Centreon Enterprise Server version 2.2 contain multiple vulnerabilities.
Description
CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') - CVE-2014-3829 Centreon version 2.5.1 and Centreon Enterprise Server version 2.2 are vulnerable to command injection due to unsafe handling of session_id and template_id variables in displayServiceStatus.php and insufficient filtering on thecommand_line variable. The underlying operating system is then able to interpolate special characters, allowing for arbitrary commands to be injected. |
Impact
A remote unauthenticated attacker may be able to execute arbitrary OS and SQL commands. |
Solution
The CERT/CC is currently unaware of a practical solution to this problem. |
Vendor Information (Learn More)
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Centreon | Affected | 05 Sep 2014 | 15 Oct 2014 |
If you are a vendor and your product is affected, let us know.
CVSS Metrics (Learn More)
| Group | Score | Vector |
|---|---|---|
| Base | 10.0 | AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Temporal | 8.1 | E:POC/RL:U/RC:UC |
| Environmental | 6.1 | CDP:ND/TD:M/CR:ND/IR:ND/AR:ND |
References
- http://www.centreon.com/Content-products/it-infrastructure-and-application-monitoring-centreon
- http://cwe.mitre.org/data/definitions/89.html
- http://cwe.mitre.org/data/definitions/77.html
- http://seclists.org/fulldisclosure/2014/Oct/78
Credit
Thanks to Tod Beardsley of Rapid7 for reporting this vulnerability and MaZ for the original vulnerability discovery.
This document was written by Chris King.
Other Information
- CVE IDs: CVE-2014-3828 CVE-2014-3829
- Date Public: 15 10월 2014
- Date First Published: 17 10월 2014
- Date Last Updated: 17 10월 2014
- Document Revision: 16