Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title Centreon 2.3.3 through 2.3.9-4 blind sqli injection vulnerability.
Informations
Name VU#856892 First vendor Publication 2012-12-12
Vendor VU-CERT Last vendor Modification 2012-12-12
Severity (Vendor) N/A Revision M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:P/I:P/A:P)
Cvss Base Score 6.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 8 Authentication Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#856892

Centreon 2.3.3 through 2.3.9-4 blind sqli injection vulnerability.

Original Release date: 12 Dec 2012 | Last revised: 12 Dec 2012

Overview

Centreon 2.3.3 through 2.3.9-4 contains a blind sql injection vulnerability.

Description

CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Centreon 2.3.3 through 2.3.9-4 contains a blind sql injection vulnerability. The vulnerability is found within the menuXML.php file inside the 'menu' parameter. It was reported that by injecting a payload after the menu parameter, for example ' AND SLEEP(5) AND 'meHL'='meHL, the web application hung for 5 seconds.

Impact

A remote authenticated attacker may be able to run a subset of SQL commands against the back-end database.

Solution

Update

The vendor has stated that this vulnerability has been addressed in Centreon 2.4.0. Users are advised to update to Centreon 2.4.0 or newer.

Restrict access

As a general good security practice, only allow connections from trusted hosts and networks. Note that restricting access does not prevent SQLi attacks since the attack comes as an SQL request from a legitimate user's host. Restricting access would prevent an attacker from accessing a web interface using stolen credentials from a blocked network location.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
CentreonAffected09 Nov 201207 Dec 2012
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

GroupScoreVector
Base6.3AV:N/AC:M/Au:S/C:C/I:N/A:N
Temporal4.8E:U/RL:U/RC:UC
Environmental1.3CDP:L/TD:L/CR:ND/IR:ND/AR:ND

References

  • http://cwe.mitre.org/data/definitions/89.html
  • http://www.centreon.com/Content-Download/donwload-centreon
  • http://forge.centreon.com/projects/centreon/repository/revisions/13749

Credit

Thanks to Tom Gregory of Spentera for reporting this vulnerability.

This document was written by Michael Orlando.

Other Information

  • CVE IDs:CVE-2012-5967
  • Date Public:12 Dec 2012
  • Date First Published:12 Dec 2012
  • Date Last Updated:12 Dec 2012
  • Document Revision:10

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Original Source

Url : http://www.kb.cert.org/vuls/id/856892

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-89 Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 8

ExploitDB Exploits

id Description
2012-12-13 Centreon Enterprise Server 2.3.3-2.3.9-4 Blind SQL Injection Exploit

Nessus® Vulnerability Scanner

Date Description
2014-12-23 Name : The remote web server contains a PHP application that is affected by a SQL in...
File : centreon_240.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
Date Informations
2014-12-24 13:25:35
  • Multiple Updates
2013-01-11 21:24:38
  • Multiple Updates
2013-01-11 21:22:34
  • Multiple Updates
2012-12-20 21:19:46
  • Multiple Updates
2012-12-19 13:27:30
  • Multiple Updates
2012-12-12 17:20:41
  • First insertion