Miggo Logo

CVE-2024-23115: Centreon updateGroups SQL Injection Remote Code Execution Vulnerability

7.2

CVSS Score
3.0

Basic Information

EPSS Score
0.98966%
Published
4/2/2024
Updated
4/2/2024
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
centreon/centreoncomposer< 22.10.1522.10.15

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability description explicitly states the flaw exists in the updateGroups function due to improper input validation before SQL query construction. While the provided GitHub patch shows template escaping fixes (likely addressing XSS), the core SQL injection vulnerability resides in the backend updateGroups logic. The function name is confirmed by multiple sources (CVE, ZDI, GHSA), and the file path is inferred from Centreon's architecture (host configuration handling) and the context of the modified template file in the same directory.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

**ntr*on up**t**roups SQL Inj**tion R*mot* *o** *x**ution Vuln*r**ility. T*is vuln*r**ility *llows r*mot* *tt**k*rs to *x**ut* *r*itr*ry *o** on *****t** inst*ll*tions o* **ntr*on. *ut**nti**tion is r*quir** to *xploit t*is vuln*r**ility. T** sp**i*

Reasoning

T** vuln*r**ility **s*ription *xpli*itly st*t*s t** *l*w *xists in t** `up**t**roups` *un*tion *u* to improp*r input v*li**tion ***or* SQL qu*ry *onstru*tion. W*il* t** provi*** *it*u* p*t** s*ows t*mpl*t* *s**pin* *ix*s (lik*ly ***r*ssin* XSS), t**