CVE-2009-4368

Multiple unspecified vulnerabilities in Centreon before 2.1.4 have unknown impact and attack vectors in the (1) ping tool, (2) traceroute tool, and (3) ldap import, possibly related to improper authentication.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://osvdb.org/61183
http://secunia.com/advisories/37808	Vendor Advisory
http://www.centreon.com/Development/changelog-2x.html
http://www.securityfocus.com/bid/37383
http://www.vupen.com/english/advisories/2009/3578	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/54893

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:merethis:centreon::::::::
	cpe:2.3:a:merethis:centreon:1.4:::::::*
	cpe:2.3:a:merethis:centreon:1.4.1:::::::*
	cpe:2.3:a:merethis:centreon:1.4.2:::::::*
	cpe:2.3:a:merethis:centreon:1.4.2.1:::::::*
	cpe:2.3:a:merethis:centreon:1.4.2.2:::::::*
	cpe:2.3:a:merethis:centreon:1.4.2.3:::::::*
	cpe:2.3:a:merethis:centreon:1.4.2.4:::::::*
	cpe:2.3:a:merethis:centreon:1.4.2.5:::::::*
	cpe:2.3:a:merethis:centreon:1.4.2.6:::::::*
	cpe:2.3:a:merethis:centreon:1.4.2.7:::::::*
	cpe:2.3:a:merethis:centreon:2.0:b2::::::
	cpe:2.3:a:merethis:centreon:2.0:b3::::::
	cpe:2.3:a:merethis:centreon:2.0:b4::::::
	cpe:2.3:a:merethis:centreon:2.0:b5::::::
	cpe:2.3:a:merethis:centreon:2.0:b6::::::
	cpe:2.3:a:merethis:centreon:2.0:rc1::::::
	cpe:2.3:a:merethis:centreon:2.0:rc2::::::
	cpe:2.3:a:merethis:centreon:2.0:rc3::::::
	cpe:2.3:a:merethis:centreon:2.0:rc4::::::
	cpe:2.3:a:merethis:centreon:2.0:rc5::::::
	cpe:2.3:a:merethis:centreon:2.0.1:::::::*
	cpe:2.3:a:merethis:centreon:2.0.2:::::::*
	cpe:2.3:a:merethis:centreon:2.1.0:::::::*
	cpe:2.3:a:merethis:centreon:2.1.1:::::::*
	cpe:2.3:a:merethis:centreon:2.1.2:::::::*

History

No history.

Information

Published : 2009-12-21 16:30

Updated : 2024-02-28 11:41

NVD link : CVE-2009-4368

Mitre link : CVE-2009-4368

CVE.ORG link : CVE-2009-4368

JSON object : View

Products Affected

merethis

centreon

CWE

NVD-CWE-noinfo

{"id": "CVE-2009-4368", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": true, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-12-21T16:30:00.610", "references": [{"url": "http://osvdb.org/61183", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/37808", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.centreon.com/Development/changelog-2x.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/37383", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2009/3578", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54893", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in Centreon before 2.1.4 have unknown impact and attack vectors in the (1) ping tool, (2) traceroute tool, and (3) ldap import, possibly related to improper authentication."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades no especificadas en Centreon versiones anteriores a v2.1.4 tienen un impacto y vectores de ataque desconocidos en (1) herramienta ping, (2) herramienta tool, y (3) importaci\u00f3n ldap, posiblemente relacionado con una autenticaci\u00f3n no apropiada."}], "lastModified": "2017-08-17T01:31:33.647", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:merethis:centreon:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B67D522D-9190-4C98-A0A1-4EABD18D90CF", "versionEndIncluding": "2.1.3"}, {"criteria": "cpe:2.3:a:merethis:centreon:1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61975AFA-B0B2-4B19-B208-146B2E71B737"}, {"criteria": "cpe:2.3:a:merethis:centreon:1.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C9B3720-9430-49F7-9E81-A8BB2528E934"}, {"criteria": "cpe:2.3:a:merethis:centreon:1.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2A44136-88C1-4CE5-A579-BD7DB1413E68"}, {"criteria": "cpe:2.3:a:merethis:centreon:1.4.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E1EA5A52-9234-4A8E-8E84-6D197CB9946F"}, {"criteria": "cpe:2.3:a:merethis:centreon:1.4.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5EA670B-897B-4369-AA19-C3052CCE91E2"}, {"criteria": "cpe:2.3:a:merethis:centreon:1.4.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E56A4852-61E8-4F43-B81F-4C8727082F85"}, {"criteria": "cpe:2.3:a:merethis:centreon:1.4.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F38A5EB-A69E-4567-8DBF-8C438DE66D97"}, {"criteria": "cpe:2.3:a:merethis:centreon:1.4.2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E62C0AA6-EABE-4926-A4DA-CD471D88C068"}, {"criteria": "cpe:2.3:a:merethis:centreon:1.4.2.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3A02C2E-AA16-4669-B77E-554B27478D91"}, {"criteria": "cpe:2.3:a:merethis:centreon:1.4.2.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8F3C43F-3277-4162-B025-7FCBF7A79FAB"}, {"criteria": "cpe:2.3:a:merethis:centreon:2.0:b2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97BB2893-02DC-4C49-B9CA-E9DEF3211C59"}, {"criteria": "cpe:2.3:a:merethis:centreon:2.0:b3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9ADD46A2-80D7-49DD-A36D-BC5AAE01FAAF"}, {"criteria": "cpe:2.3:a:merethis:centreon:2.0:b4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F41E4FC5-0031-41A9-820C-C63FF54E0B4D"}, {"criteria": "cpe:2.3:a:merethis:centreon:2.0:b5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2DD77DAA-E499-4064-B717-42EA1950C028"}, {"criteria": "cpe:2.3:a:merethis:centreon:2.0:b6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BDC54B9-1955-4849-A6A1-F850931EED7F"}, {"criteria": "cpe:2.3:a:merethis:centreon:2.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEC41A81-F8D2-44C7-B56E-C62918FFE0ED"}, {"criteria": "cpe:2.3:a:merethis:centreon:2.0:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2FA1001-D1A6-4226-A724-6FF13F040314"}, {"criteria": "cpe:2.3:a:merethis:centreon:2.0:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6A75F22-4D95-4F5B-820F-C15767ADE928"}, {"criteria": "cpe:2.3:a:merethis:centreon:2.0:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9DD571A7-C921-48A9-8974-F9D2F03F7CB5"}, {"criteria": "cpe:2.3:a:merethis:centreon:2.0:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47EE53E4-8F0F-4F54-A392-347D2A044B57"}, {"criteria": "cpe:2.3:a:merethis:centreon:2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E9A1D39-6124-4E6A-81B1-24674BEF6588"}, {"criteria": "cpe:2.3:a:merethis:centreon:2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A38C74D1-7D54-4460-B819-0E935D664FDB"}, {"criteria": "cpe:2.3:a:merethis:centreon:2.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "573D2183-3605-4589-86B9-2CAE570B968C"}, {"criteria": "cpe:2.3:a:merethis:centreon:2.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6BF59787-CC19-4C94-B0FA-CD358B286357"}, {"criteria": "cpe:2.3:a:merethis:centreon:2.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C23A7BA9-076B-4F2E-BF75-61E4717125A3"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}