An issue was discovered in Centreon before 2.8-30,18.10-8, 19.04-5, and 19.10-2. It provides sensitive information via an unauthenticated direct request for include/monitoring/recurrentDowntime/GetXMLHost4Services.php.
The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Centreon | Centreon | * | 2.8.30 (excluding) |