CVE-2019-16405

Description

Centreon Web 19.04.4 allows Remote Code Execution by an administrator who can modify Macro Expression location settings.

How to fix CVE-2019-16405

To remediate CVE-2019-16405, upgrade the affected package to a fixed version below.

• Packagist/centreon/centreon—upgrade to 18.10.8 or later

Is CVE-2019-16405 being exploited?

Moderate — EPSS is 8.6%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (1)

• from 0, < 18.10.8

CVSS scores

References (13)

• ADVISORYnvd.nist.gov/vuln/detail/CVE-2019-16405
• PATCHgithub.com/centreon/centreon
• WEBpacketstormsecurity.com/files/155999/Centreon-19.04-Remote-Code-Execution.html
• WEBdocumentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-18.10.html