CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-17104
https://notcve.org/view.php?id=CVE-2019-17104
In Centreon VM through 19.04.3, the cookie configuration within the Apache HTTP Server does not protect against theft because the HTTPOnly flag is not set. En Centreon VM versiones hasta 19.04.3, la configuración de cookies dentro del Servidor HTTP de Apache no protege contra el robo porque el flag HTTPOnly no está configurado. • http://www.openwall.com/lists/oss-security/2019/10/09/2 https://github.com/centreon/centreon/issues/7097 https://www.openwall.com/lists/oss-security/2019/10/08/1 • CWE-565: Reliance on Cookies without Validation and Integrity Checking •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2018-21025
https://notcve.org/view.php?id=CVE-2018-21025
In Centreon VM through 19.04.3, centreon-backup.pl allows attackers to become root via a crafted script, due to incorrect rights of sourced configuration files. En Centreon VM versiones hasta 19.04.3, el archivo centreon-backup.pl permite a atacantes convertirse en root por medio de un script diseñado, debido a derechos incorrectos de los archivos de configuración de origen. • http://www.openwall.com/lists/oss-security/2019/10/09/2 https://github.com/centreon/centreon/issues/7082 https://www.openwall.com/lists/oss-security/2019/10/08/1 • CWE-269: Improper Privilege Management •