HIGHCVE-2026-2751Published 2026-02-27Modified 2026-02-27CNA Centreon

CVE-2026-2751: Blind SQL Injection

Blind SQL Injection via unsanitized array keys in Service Dependencies deletion. Vulnerability in Centreon Centreon Web on Central Server on Linux (Service Dependencies modules) allows Blind SQL Injection.This issue affects Centreon Web on Central Server before 25.10.8, 24.10.20, 24.04.24.

CVSS v3.1: 8.3
Severity: HIGH
Fixed in: 25.10.8, 24.10.20, 24.04.24
Affected Products: 1

Fix available

25.10.8, 24.10.20, 24.04.24

Affected packages

Centreon / Centreon Web on Central Server
< 25.10.8, 24.10.20, 24.04.24 (from 25.10; 24.10;24.04)

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

References

https

Metrics

Fix available