CVE-2018-19271: Centreon 3.4.x is affected by a SQL Injection vulnerability that can be exploited via the main.php searchH parameter; this issue was fixed in Centreon 18.10.0 and Centreon Web 2.8.28.


Description

The vulnerability in Centreon 3.4.x allows an attacker to inject arbitrary SQL through the main.php searchH parameter, potentially compromising the backend database. The issue was addressed in subsequent releases, with fixes implemented in Centreon 18.10.0 and Centreon Web 2.8.28. This CVE (CVE-2018-19271) highlights the risk of unsafely handling user-supplied input in search functionality, which could lead to data disclosure or modification depending on the attacker’s capabilities and system configuration.

Overview

This CVE describes an SQL Injection vulnerability in Centreon 3.4.x where the main.php searchH parameter can be exploited to alter or access the database. The vulnerability has been remedied in Centreon 18.10.0 and in Centreon Web 2.8.28, and is associated with older 3.4.x deployments. The issue was publicly disclosed in November 2018, with subsequent patches released by the Centreon project to mitigate the risk.

Remediation

  • Upgrade to the fixed releases: upgrade Centreon to 18.10.0 or higher and Centreon Web to 2.8.28 or higher (or to any later patched versions). Ensure both components are updated as per vendor guidance.
  • Plan and execute the upgrade:
    • Back up the database and configuration.
    • Schedule a maintenance window.
    • Follow Centreon’s official upgrade procedure to apply the fixes.
    • Validate the upgrade by checking version numbers and performing basic functional tests (especially search-related features).
  • Validate remediation:
    • Confirm that the searchH parameter is no longer exploitable by attempting non-destructive checks and verifying normal operation.
    • Review application and database logs for any suspicious activity after the upgrade.
  • If upgrade is not immediately possible:
    • Apply compensating controls such as web application firewall (WAF) rules to block SQLi payloads targeting the searchH parameter.
    • Implement input validation and ensure the code path handling main.php searchH uses parameterized queries or safe handling (if you maintain a fork or custom patches).
    • Minimize exposure of the vulnerable endpoint where feasible and monitor for unusual access patterns.
  • Additional hardening:
    • Verify adherence to Centreon's security hardening guidelines.
    • Rotate credentials and ensure regular backup testing.
    • Consider enabling additional monitoring for database access and anomalous query activity.
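As an added illustration of the parameterized-query point above (example code, not Centreon's own), a host-search handler is shown twice: once with the string-concatenation pattern that makes a parameter like searchH injectable, and once with a bound parameter. The table, columns and sample rows are constructed for the demonstration, which runs stand-alone against an in-memory SQLite database through PDO.

```php
<?php
// Added example, not Centreon's code: schema and rows are constructed.

// Vulnerable pattern: the request parameter is spliced into the SQL text, so a
// quote in searchH ends the string literal and the remainder is parsed as SQL.
function findHostsUnsafe(PDO $db, string $searchH): array
{
    $sql = "SELECT host_id, host_name FROM host "
         . "WHERE host_name LIKE '%" . $searchH . "%'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened pattern: a prepared statement keeps the value out of the SQL text,
// and LIKE metacharacters in the input are escaped so it matches literally.
function findHostsSafe(PDO $db, string $searchH): array
{
    $literal = addcslashes($searchH, '%_\\');
    $stmt = $db->prepare(
        "SELECT host_id, host_name FROM host WHERE host_name LIKE :term ESCAPE '\\'"
    );
    $stmt->execute([':term' => '%' . $literal . '%']);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed in-memory database standing in for the monitoring schema.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE host (host_id INTEGER PRIMARY KEY, host_name TEXT)");
foreach (['web-01', 'web-02', 'db_prod'] as $name) {
    $db->prepare("INSERT INTO host (host_name) VALUES (?)")->execute([$name]);
}

// A search term containing a quote and a LIKE wildcard, as a real user might type.
$searchH = "web_0'";
try {
    findHostsUnsafe($db, $searchH);
} catch (PDOException $e) {
    // The unsafe handler fails because the quote changed the SQL grammar; this
    // is the same mechanism an injection relies on, surfacing here as an error.
    echo "unsafe: query error (" . $e->getMessage() . ")\n";
}
// The safe handler treats the input as data: "web_0" is matched literally, so
// the '_' does not act as a wildcard and no row is returned.
echo "safe, literal term: " . count(findHostsSafe($db, $searchH)) . " rows\n";
echo "safe, plain term:   " . count(findHostsSafe($db, 'web-0')) . " rows\n";
```

Run with `php example.php`; the second safe call returns the two web hosts, while the first returns none because the underscore is escaped rather than treated as a single-character wildcard.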

References

  • http://www.rootlabs.com.br/authenticated-sql-injection-in-centreon-3-4-x/
  • https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-18.10/centreon-18.10.0.html
  • https://github.com/centreon/centreon/pull/6625
  • https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8/centreon-2.8.28.html

Industry Exposure (most to least)

This section illustrates the prevalence of this CVE across industries based on customer reports. The ranking lists industries from most to least affected, showing where this CVE has been most frequently observed. Organizations in these sectors can use it to prioritize security efforts, gauge their relative risk exposure compared to peers, and focus remediation where it is most needed, informing decisions on patching, resource allocation, and overall risk management for this CVE.

  1. Accommodation & Food Services: Low
  2. Administrative, Support, Waste Management & Remediation Services: Low
  3. Agriculture, Forestry, Fishing & Hunting: Low
  4. Arts, Entertainment & Recreation: Low
  5. Construction: Low
  6. Educational Services: Low
  7. Finance and Insurance: Low
  8. Health Care & Social Assistance: Low
  9. Information: Low
  10. Management of Companies & Enterprises: Low
  11. Manufacturing: Low
  12. Mining: Low
  13. Other Services (except Public Administration): Low
  14. Professional, Scientific, & Technical Services: Low
  15. Public Administration: Low
  16. Real Estate Rental & Leasing: Low
  17. Retail Trade: Low
  18. Transportation & Warehousing: Low
  19. Utilities: Low
  20. Wholesale Trade: Low
