CVE-2024-32501 is a critical SQL Injection vulnerability identified in the updateServiceHost functionality of Centreon Web, an IT infrastructure monitoring platform widely used in enterprise environments. The vulnerability affects multiple branches of Centreon Web, specifically versions 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23. The flaw allows unauthenticated remote attackers to inject malicious SQL statements due to improper sanitization of user-supplied input in the updateServiceHost feature. This can lead to unauthorized access to the backend database, enabling attackers to read, modify, or delete sensitive data, or even execute administrative commands on the database server. The vulnerability has a CVSS v3.1 base score of 9.8, reflecting its critical nature with network attack vector, no required privileges or user interaction, and full impact on confidentiality, integrity, and availability. Although no public exploits have been reported yet, the vulnerability's characteristics make it highly exploitable. Centreon Web is commonly deployed in organizations for monitoring IT infrastructure, making this vulnerability a significant risk for operational disruption and data breaches. The CWE-89 classification confirms this is a classic SQL Injection issue, emphasizing the need for proper input validation and parameterized queries in the affected code paths.

The impact of CVE-2024-32501 is severe for organizations using Centreon Web for infrastructure monitoring. Successful exploitation can lead to complete compromise of the monitoring platform's database, exposing sensitive configuration data, credentials, and monitored system information. Attackers could manipulate monitoring data, causing false alerts or hiding critical failures, which undermines operational security and incident response. Additionally, database modification or deletion could disrupt monitoring services, leading to downtime and delayed detection of IT issues. The vulnerability's remote, unauthenticated nature increases the risk of widespread exploitation, potentially enabling attackers to pivot into broader network environments. Organizations relying on Centreon Web for critical infrastructure, including government, finance, energy, and telecommunications sectors, face heightened risks of espionage, sabotage, or data theft. The absence of known exploits currently provides a window for proactive mitigation, but the critical severity demands urgent attention to prevent future attacks.

To mitigate CVE-2024-32501, organizations should immediately upgrade Centreon Web to the fixed versions: 24.04.3 or later, 23.10.13 or later, 23.04.19 or later, and 22.10.23 or later. If immediate patching is not feasible, restrict network access to the Centreon Web interface using firewalls or VPNs to limit exposure to trusted users only. Implement web application firewalls (WAFs) with rules to detect and block SQL Injection attempts targeting the updateServiceHost endpoint. Conduct thorough input validation and parameterization in any custom integrations or scripts interacting with Centreon Web APIs. Monitor database logs and application logs for unusual queries or error patterns indicative of injection attempts. Regularly audit user access and credentials associated with Centreon Web to reduce the risk of privilege escalation. Finally, maintain an incident response plan tailored to monitoring platform compromises to quickly contain and remediate any exploitation.