Main Vulnerability Database Vulnerabilities #VU50438

#VU50438 Cleartext storage of sensitive information in Centreon

Published: February 9, 2021

Vulnerability identifier: #VU50438

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: N/A

CWE-ID: CWE-312

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Centreon

Software vendor:
Centreon

Description

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists within the Configuration/H/HTPL/S/STPL features due to application stores passwords in clear text. An attacker with access to the system can retrieve passwords and use the in further attacks against the application or it users.

Remediation

Install updates from vendor's website.

External links

https://github.com/centreon/centreon/releases/tag/20.10.3

#VU50438 Cleartext storage of sensitive information in Centreon

Description

Remediation

External links

Please verify you're human