
Centreon, the popular open-source IT monitoring software, has released urgent security updates to address two critical SQL injection vulnerabilities. These vulnerabilities, tracked as CVE-2024-55573 and CVE-2024-53923, could allow authenticated attackers with high privileges to execute malicious code on vulnerable systems.
Both vulnerabilities carry a CVSS score of 9.1, indicating their severity and potential impact. CVE-2024-55573 lies in the form used to create virtual metrics, while CVE-2024-53923 affects the media upload functionality within Centreon Web.
Exploiting these flaws could grant attackers extensive control over the monitoring system, potentially disrupting operations or stealing sensitive data.
The vulnerabilities affect several versions of Centreon Web, requiring immediate updates to ensure system security. Users should upgrade to the following patched versions:
These updates also include cumulative fixes from prior releases, making them essential for maintaining a secure and stable monitoring environment.
Centreon users can obtain the updates directly from the official Centreon website or through their usual update channels. Failing to do so could leave them exposed to serious security breaches with potentially devastating consequences.