Centreon is committed to the security of its product and services and is continuously improving policies, processes, and products to meet the highest standards.
We acknowledge that Centreon users and security researchers following our Centreon Security Policy to report vulnerabilities are key to the success of this commitment. If you are the first to report a confirmed vulnerability, we would like to recognize your contribution by listing your name, or the name of your organization on this page. You may obviously choose to remain anonymous.
For more details on how to report a security vulnerability, kindly check below.
Centreon reserves the right to make final decisions regarding publishing acknowledgments. Also, please be aware that only reports following our Security Policy may qualify for acknowledgement on this page.
- 2023/11/29 - 129cf345fa3dcf0fd346682161ba9a4f working with Trend Micro Zero Day Initiative (CVE-2024-0637, CVE-2024-23115, CVE-2024-23116, CVE-2024-23117, CVE-2024-23118, CVE-2024-23119)
- 2023/06/08 - Tomi P Hakala and Jarkko Vesiluoma from Elisa Santa Monica
- 2023/06/07 - Anonymous working with Trend Micro Zero Day Initiative (CVE-2023-51633)
- 2023/05/21 - Milan Katwal
- 2023/05/19 - Keyur Maheta
- 2022/11/16 - Vladimir TOUTAIN from DSecBypass
- 2022/10/05 - Héctor Morales from Centreon
- 2022/09/06 - Anonymous working with Trend Micro Zero Day Initiative (CVE-2022-42424, CVE-2022-42425, CVE-2022-42426, CVE-2022-42427, CVE-2022-42428, CVE-2022-42429)
- 2022/08/24 - Anonymous working with Trend Micro Zero Day Initiative (CVE-2022-41142)
- 2022/07/01 - Irsyad Ahmad (CVE-2022-36194)
- 2022/06/29 - Marcus Lichtenstern
- 2022/05/23 - Lucas Carmo and Daniel França Lima from Hakaï Security
- 2022/02/16 - Anonymous working with Trend Micro Zero Day Initiative (CVE-2022-34871, CVE-2022-34872)
- 2021/08/09 - Amammad from huntr-dev
- 2021/07/13 - Gaurang Maheta
- 2021/06/21 - Bao Chau / CyRadar
- 2021/04/07 - Synacktiv, Guillaume André and Théo Louis-Tisserand
- 2021/03/23 - Benoit Poulet
- 2021/02/22 - Cody Sixteen (CVE-2020-22425)
- 2021/02/16 - Sick Codes, wabaf3t and d0rkerdevil
- 2021/02/12 - Alexandru Cucea
- 2020/05/20 - WELAN
- 2020/04/30 - Matthew Bach (TheCyberGeek) (CVE-2020-12688)
- 2020/03/20 - Engin Demirbilek (CVE-2020-13252, CVE-2020-22345)
- 2020/02/27 - Cody Sixteen (CVE-2020-9463)
- 2020/01/06 - Guylian Dw (SpengeSec) and Matthew Bach (TheCyberGeek) (CVE-2019-19699)
Centreon takes the security of our software products seriously.
If you believe you have found a security vulnerability, please report it to us as described below.
Please do not report security vulnerabilities through public GitHub issues.
Send an email to security@centreon.com. If possible, encrypt your message with our PGP key below.
You should receive a response within 48 hours. If for some reason you do not, please follow up via email to ensure we received your original message.
To help us better understand the nature and scope of the possible issue, please describe as much as you can:
- Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
- Full paths of source file(s) related to the manifestation of the issue
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- Step-by-step instructions to reproduce the issue
- Proof-of-concept or exploit code (if possible)
- Impact of the issue, including how an attacker might exploit the issue
We don't have a bug bounty program but this is something we are thinking about.
Tag | Value |
---|---|
Key ID | E5E57093 |
Key Type | RSA |
Key Size | 4096 / 4096 |
Created | 2024-02-22 |
Expires | 2026-02-22 |
Fingerprint | 0858 25F0 2FF0 24C8 FB7C 8DB3 7C26 4CA5 E5E5 7093 |
UserID | Centreon Security security@centreon.com |
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGXXAsoBEACrrfyAPaW9LEjbGqNfAkwbbSUo01hZgnb20ifU/S0mng6ab+SG
9QJMLT07vvS5DndT3LbSnwfQgflPBJnXTFi6f5de3k1i+nyIOg48ZT7olpyKgAcW
7qlZiDa81UtJqMI/moRxlxf/WkZNO0Cl0cixxris1g+56OhtxatXO3G6tdSyAtCZ
yaP21hU46nrcR6yims9fw/Fuc4N5gkJabADb5y+eyGqTHf7cG7NOzd+wzU9fzaRI
rtl1D4AGeJyNHhgM9nStTnQpPV2n5vfAO5vb1/waPInrilHmxRLNsMa6Y0a461Ww
k2+lI3nmWJfbrfLvpE1qmkF6yOLqbOkFb0YzT6Bd35a81yEnE1n7h80hh+XPoCSu
Kj5v//YxwIxfVv5V2wFjslUFNx5pPv3R0/YQvR+Bz3TI2oITnFjAlgTNamgXoYGe
6C+VPHSqV3Us5gjmth/Le1ciwuLyJ+DM6Wsxc565NLcVOS4E9UWPMPp8rnmC3Y9q
I7bBMgA3qbktce3TC0uxnXNtDEIdeOqYQ2zywffx9Am8lLYrwQlA8teC1e8fad2W
J7CNGYhS7WFCnBE5PrtuxWFYk0D6j0lFvsLs5Al3X8S0K9L22bo3vVE9aLzkS2rv
cdgviN/EEth0uQLk04LQi6zyQTzTyb29lPIVtDIevmvqwbrrwexAHqi9NQARAQAB
tClDZW50cmVvbiBTZWN1cml0eSA8c2VjdXJpdHlAY2VudHJlb24uY29tPokCVAQT
AQgAPhYhBAhYJfAv8CTI+3yNs3wmTKXl5XCTBQJl1wLKAhsDBQkDw7chBQsJCAcC
BhUKCQgLAgQWAgMBAh4BAheAAAoJEHwmTKXl5XCTZT4P/iCHRktDqERYTiRaGqQ7
zaYuadqxzrzQ/U9KzdhOdzm6sKATL/vW1pA3A4avzXCtcROCdIG+opIQW0VhOjXb
pGDrhgih39Ybk/8Bn2Y0TkqiYja0T2R9j8LF5Eyh9C+MpDXe7JnQtQYlJWFEBGCQ
Jotlhn70I6ALff6iciLu7jRJ+YPS+DYSzo6f6IsnRbLwuXtUfDUauQ0lEgSB+tf9
TbamNCa1islr1uIWAviIUE3L9yuut/cm2kfIbKhNvuoUQCMfxk0PwOLtKb27hSlY
75HYTKLXT1pAR2jJ2Cnog2au16cj8xP7zVeiKjlAC3GLajd0Gaa/eb82qBzCHy7g
mVxY3oXqadj1N3e6yxkc6HFkW+AaeeD+0k6N5OaVAayM7jJkjUfaQRcxEyIzLBV2
sQlNf8BC0rEgjmzANqAL3foImRSee7xalFM0YX43PwHyYb2eRvRcPqqDrUYOguyE
WNEL0Bue7BcajyUcf8PejeBztW7I06BB8gvNhnlPElZD/NqmnZPmEMlB0YwNCz+A
JqCdRfhKZyrX/8Do7mtQGz8Tj7FtlIr60Uhe74tgU9ep2lyR5h4HHdmsZoCjYyVd
XoYhBichbvI1icqvom8c8pSM0zt6cBAv6dyqrgb/bVeJH8G4JFrfV7+w9c2qarqc
6ClynUoREldhwzvttj7+4ZwYuQINBGXXAsoBEACxr4GmHkDQPOw1RCCFjeDqIJPV
r+G4G04Rs6RQwEF7P4CBXzULOle/ByCqQ9WOteO1iiQsnSXDSIjVT8sj7FCHntMv
YMGk/AAQC85RY2KwLH+0hA01zKyvWMyW3kbI8h3LKeNbQmXOvZkjhWfEUfUVrS85
GQXqSnDD1ogQl3DeBrKDPf1DNbxrteaCNppZODH3OssV+jUHmDhTTLfxvvkLni+4
NiWmkYGnK38NxzixNEWS8GmdUba9nuA2VbmB0esOaBTxJNGEOIQnCrQ2ckEEvdfQ
t4w3eyedTMhDhiPnelVXTRcyOTM9i62/40fy9RUOS/OJlrCuExREKIm7sUWXHc6C
JnmYw8I2mi4mhyTejB3QfKljFSUF6FUwh3DRgNPDEVxn5wr/IjE0GqEh5OgfJbEm
6TB9kHcOSiUWd5RdKwtBdon4Gvft+ZsyaajkyFk3Lz9EULMF5gBMOFYHTodO6G94
thAp6ouYwSkoFnS/1z46rbdzfPjzFdhWyYpS/b5rqJBuSuLqf9t332R0vZkwBCmg
S9n+HyTcOyrSwpFl16Xd/cFzamHCFfe+gLGvgGf6phAm+OBgZtzpdzHXymBdW/u+
vZvIQcXMoHri6TrXy8OQb0T2zmdAADblEfPVRzvldSEKrna1PwfDK5Ef0mu+pj6z
HJrvsxf/xN9VXzww9QARAQABiQI8BBgBCAAmFiEECFgl8C/wJMj7fI2zfCZMpeXl
cJMFAmXXAsoCGwwFCQPDtyEACgkQfCZMpeXlcJMN2g/+MtSUNNT5MjJKzkqEInYB
H3sEB5J01Ag4ecpwdLR2c/t4izC9JRVFy90FQy23U0F8h9nHDmK1SPoSAKe5uoPf
NE5MGpNCzd66qZeG6c+wCow3sED3yAAHgG0mWSAwq5s5kRb481VtCpjdnLqS+bcy
6mmWsB/eeXoLFJ9pARSQTW53IGef+51d+a8CCl/RlWMNhAL0jJrpm6YH42jXU7ax
EnFnlpEOTVnPgQ3wze+JFeay2UPTkH1FaQgzjfEfBda/Hy3PikWa2+bgElb36r8b
/q4zbSiR+g/CyzI3RHChU2iTUJ+pj3tNusvZSiLWL1CmlS8ZjvPdapnoa/4THHwf
Hgfrl3sl9qvV4Oxj94WfPxXC18g2Xb3weC1OP2bP78EEsE660fqQdFEm1wZL86u8
ay7Hi+9JXn8yl8/zlMKuDrfm4iNLzqEtiOmp3hgGAVr62QuxCE+vjCWO68908IqU
1fNhJnqeRXkhGRrmUuMlLES5InJsUFS6V1qXZzYRJr9o0fuiULnAzsPDEy4awo96
X3ANq5hI6rXvb3s0OXZl5COdFXLf+KUQkvsJcu7U488Ahcl+EGRtEcijR4KPBuf8
SXTDxTgzlKzAFtoL83ZE0M/X6VH9CuMV2UD85Stz3NZ3KeCiIk7OS5RG/7mddJpP
eSSEi1kkF91KqDph80NgNbw=
=f7CG
-----END PGP PUBLIC KEY BLOCK-----