What is CVE-2022-42425?

CVE-2022-42425 is a high-severity vulnerability in Centreon, classified under SQL Injection. CVSS score: 7.2/10. Published 2023-03-29.

How severe is CVE-2022-42425?

High severity. CVSS v3 base score is 7.2 out of 10.

SQL Injection in Centreon

CVE-2022-42425

This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to modify poller br…

Vulnerability class: SQL Injection

EPSS: 0.649 (98.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.2 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H.

Affected products

Centreon — versions 22.04

Weakness classification (CWE)

CWE-89 — SQL Injection

References

www.zerodayinitiative.com/advisories/ZDI-22-1396/

Frequently asked questions

What is CVE-2022-42425?: CVE-2022-42425 is a high-severity vulnerability in Centreon, classified under SQL Injection. CVSS score: 7.2/10. Published 2023-03-29.
How severe is CVE-2022-42425?: High severity. CVSS v3 base score is 7.2 out of 10.