Learn more on how to stay protected from the latest Ransomware Pandemic
Check Point Advisories

Centreon formMibs.php Command Injection (CVE-2019-15298)

Check Point Reference: CPAI-2019-2041
Date Published: 21 Apr 2020
Severity: High
Last Updated: Tuesday 21 April, 2020
Source:
Industry Reference:CVE-2019-15298
Protection Provided by:

Security Gateway
R81, R80, R77, R75

Who is Vulnerable? Centreon Project Centreon Web through 19.04.3
Vulnerability Description A command injection vulnerability exists in the Centreon Web Application. Successful exploitation of this vulnerability could result in arbitrary command execution in the context of the server process.

Protection Overview

IPSDU-18890

In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.

Security Gateway R80 / R77 / R75

  1. In the IPS tab, click Protections and find the Centreon formMibs.php Command Injection (CVE-2019-15298) protection using the Search tool and Edit the protection's settings.
  2. Install policy on all Security Gateways.

This protection's log will contain the following information:

Attack Name:  Web Server Enforcement Violation.
Attack Information:  Centreon formMibs.php Command Injection (CVE-2019-15298)

×
  Feedback
This website uses cookies to ensure you get the best experience. Got it, Thanks! MORE INFO