CVE-2025-3767

216.73.216.6

· Published 22/04/2025 16:15 · Modified 22/04/2025 16:15

Labels: CVE-2025-3767 2025-04-22 CVE-2025-3767 CWE-89 bd4443e6-1eef-43f3-9886-25fc9ceeaae7

Essential information

Published: 22/04/2025 16:15
Modified: 22/04/2025 16:15
Author: —
Creator: —
CVSS: 7.2 HIGH (v3.1)
CISA KEV: No
CWE: —
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Centreon BAM (Boolean KPi Listing modules) allows SQL Injection. This page is only accessible to authenticated users with high privileges. This issue affects Centreon BAM: from 24.10 before 24.10.1, from 24.04 before 24.04.5, from 23.10 before 23.10.10, from 23.04 before 23.04.10.

NVD status

Status: Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source: bd4443e6-1eef-43f3-9886-25fc9ceeaae7
NVD: View on NVD

Affected products (CPE)

Product	CPE
centreon / centreon bam	`cpe:2.3:a:centreon:centreon_bam:24.10:<24.10.1::::::`
centreon / centreon bam	`cpe:2.3:a:centreon:centreon_bam:24.04:<24.04.5::::::`
centreon / centreon bam	`cpe:2.3:a:centreon:centreon_bam:23.10:<23.10.10::::::`
centreon / centreon bam	`cpe:2.3:a:centreon:centreon_bam:23.04:<23.04.10::::::`