CVE-2024-45754: n/a
An issue was discovered in the centreon-bi-server component in Centreon BI Server 24.04.x before 24.04.3, 23.10.x before 23.10.8, 23.04.x before 23.04.11, and 22.10.x before 22.10.11. SQL injection can occur in the listing of configured reporting jobs. Exploitation is only accessible to authenticated users with high-privileged access.
AI Analysis
Technical Summary
CVE-2024-45754 is a SQL injection vulnerability identified in the centreon-bi-server component of Centreon BI Server across multiple versions prior to 24.04.3, 23.10.8, 23.04.11, and 22.10.11. The vulnerability arises when listing configured reporting jobs, where insufficient input sanitization allows malicious SQL code injection. This flaw is exploitable only by authenticated users possessing high-privileged access, such as administrators or superusers, which limits the attack surface but still presents a serious risk. The vulnerability is classified under CWE-89 (Improper Neutralization of Special Elements used in an SQL Command). Exploiting this vulnerability can lead to unauthorized data disclosure, data manipulation, or complete system compromise by executing arbitrary SQL commands on the backend database. The CVSS 3.1 score of 7.2 indicates a high-severity issue with network attack vector, low attack complexity, and no requirement for user interaction. Although no public exploits have been reported, the potential impact on confidentiality, integrity, and availability is significant. Centreon BI Server is widely used for IT infrastructure monitoring and business intelligence reporting, making this vulnerability particularly critical in environments where sensitive operational data is processed. The vulnerability was published on October 11, 2024, and organizations should monitor for vendor patches and advisories.
Potential Impact
The impact of CVE-2024-45754 is substantial for organizations relying on Centreon BI Server for monitoring and reporting. Successful exploitation can lead to unauthorized access to sensitive reporting data, manipulation or deletion of records, and potentially full compromise of the underlying database and server. This could disrupt monitoring operations, cause data integrity issues, and expose confidential business intelligence information. Given the high privileges required, the vulnerability primarily threatens insider threats or attackers who have already compromised user credentials with elevated rights. However, once exploited, the attacker could pivot to other parts of the network or escalate privileges further. The availability of critical monitoring services could be affected, leading to operational downtime and delayed incident response. The absence of known exploits in the wild currently reduces immediate risk but does not eliminate the threat, especially as attackers often develop exploits rapidly after public disclosure. Organizations in sectors such as finance, healthcare, telecommunications, and government, where Centreon BI Server is deployed, face increased risk due to the sensitivity and criticality of monitored data.
Mitigation Recommendations
1. Apply official patches or updates from Centreon as soon as they become available for the affected versions (24.04.x before 24.04.3, 23.10.x before 23.10.8, 23.04.x before 23.04.11, and 22.10.x before 22.10.11).
2. Restrict high-privileged user access strictly on a need-to-know basis and enforce strong authentication mechanisms, including multi-factor authentication (MFA).
3. Conduct regular audits of user accounts and permissions to ensure no unauthorized privilege escalation.
4. Implement database activity monitoring to detect anomalous SQL queries indicative of injection attempts.
5. Employ web application firewalls (WAFs) with custom rules to detect and block SQL injection patterns targeting Centreon BI Server endpoints.
6. Isolate Centreon BI Server components within segmented network zones to limit lateral movement in case of compromise.
7. Educate administrators and users with high privileges about the risks of credential compromise and phishing attacks.
8. Review and harden input validation and sanitization in custom integrations or plugins interacting with Centreon BI Server.
9. Maintain up-to-date backups of configuration and reporting data to enable recovery in case of data corruption or deletion.
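A version triage sketch for the affected ranges listed in this advisory, added here as an example and not part of the original page or of Centreon's tooling. The inventory format and host names are assumptions; branches the advisory does not name are reported as "unlisted" rather than guessed.

```python
import re

# First fixed release per maintenance branch, taken from the advisory text.
FIXED = {
    (24, 4): (24, 4, 3),
    (23, 10): (23, 10, 8),
    (23, 4): (23, 4, 11),
    (22, 10): (22, 10, 11),
}

_VERSION_RE = re.compile(r"^\s*v?(\d+)\.(\d+)\.(\d+)")

def parse_version(text):
    """Return (major, minor, patch) from strings such as '23.10.7' or '24.04.3-1.el9'."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in m.groups())

def triage(version_text):
    """Classify one version as 'affected', 'fixed' or 'unlisted'."""
    version = parse_version(version_text)
    fixed = FIXED.get(version[:2])
    if fixed is None:
        # The advisory names only four branches; anything else needs a manual check.
        return "unlisted"
    # Numeric tuple comparison, so 23.04.9 sorts before 23.04.11 (a string compare would not).
    return "affected" if version < fixed else "fixed"

def triage_inventory(inventory):
    """Map host -> status for a {host: version} inventory; bad strings become 'unparseable'."""
    report = {}
    for host, version_text in inventory.items():
        try:
            report[host] = triage(version_text)
        except ValueError:
            report[host] = "unparseable"
    return report

if __name__ == "__main__":
    # Constructed sample inventory; host names and versions are illustrative only.
    sample = {
        "bi-prod-01": "23.10.7",
        "bi-prod-02": "24.04.3-1.el9",
        "bi-lab-01": "22.04.9",
        "bi-odd-01": "unknown",
    }
    for host, status in sorted(triage_inventory(sample).items()):
        print(f"{host}: {status}")
```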
Affected Countries
United States, France, Germany, United Kingdom, Canada, Australia, Japan, South Korea, India, Brazil, Netherlands, Switzerland
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2024-09-06T00:00:00.000Z
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 699f6cf1b7ef31ef0b56a5fb
Added to database: 2/25/2026, 9:43:13 PM
Last enriched: 2/26/2026, 8:18:53 AM
Last updated: 4/12/2026, 6:22:17 PM