CVE-2024-45755 is a SQL injection vulnerability identified in Centreon centreon-dsm-server versions 24.10.x before 24.10.0, 24.04.x before 24.04.3, 23.10.x before 23.10.1, 23.04.x before 23.04.3, and 22.10.x before 22.10.2. The vulnerability arises from improper sanitization of user input in the form used to configure DSM slots within the Centreon monitoring platform. An attacker with authenticated high-privileged access can inject malicious SQL commands, potentially allowing unauthorized data access, modification, or deletion within the backend database. This can compromise the confidentiality, integrity, and availability of monitoring data and possibly the underlying system. The vulnerability is classified under CWE-89 (Improper Neutralization of Special Elements used in an SQL Command). The CVSS v3.1 base score is 7.2, reflecting network attack vector, low attack complexity, high privileges required, no user interaction, and high impact on confidentiality, integrity, and availability. Although no active exploitation has been reported, the presence of this vulnerability in critical monitoring infrastructure poses a significant risk. Centreon users should apply the fixed versions as soon as they are available or implement compensating controls to restrict access and validate inputs.

The impact of CVE-2024-45755 is substantial for organizations relying on Centreon for IT infrastructure monitoring and management. Exploitation could allow attackers to execute arbitrary SQL commands, leading to unauthorized disclosure of sensitive monitoring data, alteration or deletion of critical configuration and monitoring records, and potential disruption of monitoring services. This could impair an organization's ability to detect and respond to operational issues or security incidents, increasing the risk of prolonged outages or undetected breaches. Given that exploitation requires high-privileged authenticated access, insider threats or compromised administrative accounts are primary risk vectors. The vulnerability could also be leveraged as a foothold for further lateral movement within the network. Organizations in sectors with critical infrastructure, such as energy, telecommunications, finance, and government, face heightened risks due to the strategic importance of continuous and reliable monitoring.

1. Apply official patches or upgrade Centreon centreon-dsm-server to versions 24.10.0, 24.04.3, 23.10.1, 23.04.3, or 22.10.2 or later as soon as they become available. 2. Restrict high-privileged user access to Centreon DSM configuration forms strictly on a need-to-know basis and enforce strong authentication mechanisms, including multi-factor authentication. 3. Implement rigorous input validation and sanitization on all user inputs related to DSM slot configuration to prevent injection attacks. 4. Monitor logs and audit trails for unusual activities related to configuration changes or database queries. 5. Conduct regular security assessments and penetration testing focused on the Centreon environment to detect potential exploitation attempts. 6. Segment the Centreon monitoring infrastructure from other critical network segments to limit lateral movement in case of compromise. 7. Educate administrators about the risks of SQL injection and the importance of safeguarding privileged credentials.