VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-3zzf-hf31-c3ed

Essentials
Severities (20)
References (9)
Severity details (16)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-3zzf-hf31-c3ed
Aliases	CVE-2020-10945 GHSA-h5qv-p378-3hhr
Summary	Information Exposure Centreon exposes Session IDs in server responses.
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-200	Exposure of Sensitive Information to an Unauthorized Actor
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
epss	0.00042	https://api.first.org/data/v1/epss?cve=CVE-2020-10945
epss	0.00042	https://api.first.org/data/v1/epss?cve=CVE-2020-10945
epss	0.00042	https://api.first.org/data/v1/epss?cve=CVE-2020-10945
epss	0.00042	https://api.first.org/data/v1/epss?cve=CVE-2020-10945
cvssv3.1	4.3	https://github.com/centreon/centreon
generic_textual	MODERATE	https://github.com/centreon/centreon
cvssv3.1	4.3	https://github.com/centreon/centreon-archived/commit/02a3248602ce194fbb098af34be4652565db2468
generic_textual	MODERATE	https://github.com/centreon/centreon-archived/commit/02a3248602ce194fbb098af34be4652565db2468
cvssv3.1	4.3	https://github.com/centreon/centreon-archived/commit/1c14a8ee07225836bdd2ca480e47a63070a11bb9
generic_textual	MODERATE	https://github.com/centreon/centreon-archived/commit/1c14a8ee07225836bdd2ca480e47a63070a11bb9
cvssv3.1	4.3	https://github.com/centreon/centreon-archived/commit/afa0ee6d43d22860ae435163559912696569fc2f
generic_textual	MODERATE	https://github.com/centreon/centreon-archived/commit/afa0ee6d43d22860ae435163559912696569fc2f
cvssv3.1	4.3	https://github.com/centreon/centreon-archived/commit/fbee38536960eecaf52eda2bf31b90859c018b66
generic_textual	MODERATE	https://github.com/centreon/centreon-archived/commit/fbee38536960eecaf52eda2bf31b90859c018b66
cvssv3.1	4.3	https://github.com/centreon/centreon-archived/pull/8291
generic_textual	MODERATE	https://github.com/centreon/centreon-archived/pull/8291
cvssv3.1	4.3	https://nvd.nist.gov/vuln/detail/CVE-2020-10945
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2020-10945
cvssv3.1	4.3	https://web.archive.org/web/20200625084841/https://sysdream.com/news/lab/2020-05-13-cve-2020-10945-centreon-session-id-exposure
generic_textual	MODERATE	https://web.archive.org/web/20200625084841/https://sysdream.com/news/lab/2020-05-13-cve-2020-10945-centreon-session-id-exposure

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2020-10945
		https://github.com/centreon/centreon
		https://github.com/centreon/centreon-archived/commit/02a3248602ce194fbb098af34be4652565db2468
		https://github.com/centreon/centreon-archived/commit/1c14a8ee07225836bdd2ca480e47a63070a11bb9
		https://github.com/centreon/centreon-archived/commit/afa0ee6d43d22860ae435163559912696569fc2f
		https://github.com/centreon/centreon-archived/commit/fbee38536960eecaf52eda2bf31b90859c018b66
		https://github.com/centreon/centreon-archived/pull/8291
		https://web.archive.org/web/20200625084841/https://sysdream.com/news/lab/2020-05-13-cve-2020-10945-centreon-session-id-exposure
CVE-2020-10945		https://nvd.nist.gov/vuln/detail/CVE-2020-10945

No exploits are available.

Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/centreon/centreon

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/centreon/centreon-archived/commit/02a3248602ce194fbb098af34be4652565db2468

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/centreon/centreon-archived/commit/1c14a8ee07225836bdd2ca480e47a63070a11bb9

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/centreon/centreon-archived/commit/afa0ee6d43d22860ae435163559912696569fc2f

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/centreon/centreon-archived/commit/fbee38536960eecaf52eda2bf31b90859c018b66

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/centreon/centreon-archived/pull/8291

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2020-10945

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://web.archive.org/web/20200625084841/https://sysdream.com/news/lab/2020-05-13-cve-2020-10945-centreon-session-id-exposure

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.13075
EPSS Score	0.00042
Published At	June 4, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-04T16:20:01.650232+00:00	GitLab Importer	Import	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/centreon/centreon/CVE-2020-10945.yml	38.6.0