CVE-2024-45755

{"id": "CVE-2024-45755", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2024-11-25T17:15:12.293", "references": [{"url": "https://github.com/centreon/centreon/releases", "source": "cve@mitre.org"}, {"url": "https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-45755-centreon-dsm-high-severity-4066", "source": "cve@mitre.org"}], "vulnStatus": "Received", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Centreon centreon-dsm-server 24.10.x before 24.10.0, 24.04.x before 24.04.3, 23.10.x before 23.10.1, 23.04.x before 23.04.3, and 22.10.x before 22.10.2. SQL injection can occur in the form to configure Centreon DSM slots. Exploitation is only accessible to authenticated users with high-privileged access."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en Centreon centreon-dsm-server 24.10.x anterior a 24.10.0, 24.04.x anterior a 24.04.3, 23.10.x anterior a 23.10.1, 23.04.x anterior a 23.04.3 y 22.10.x anterior a 22.10.2. La inyecci\u00f3n de SQL puede ocurrir en el formulario para configurar las ranuras de Centreon DSM. La explotaci\u00f3n solo es accesible para usuarios autenticados con acceso con privilegios elevados."}], "lastModified": "2024-11-26T16:15:15.597", "sourceIdentifier": "cve@mitre.org"}