CVE-2019-19484: 
Centreon vulnerability analysis and mitigation

CVE-2019-19484 is a vulnerability discovered in Centreon version 19.04.4 and below, specifically affecting the login.php file. The vulnerability was identified in October 2019 and involves an open redirect vulnerability via the 'p' parameter in the login mechanism (NVD, Medium Blog).

The vulnerability is classified as CWE-601 (URL Redirection to Untrusted Site) and received a CVSS v3.1 base score of 6.1 (MEDIUM) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N. The issue specifically involves the parameter 'p' in the login.php file, which remains in URLs after successful login, potentially allowing attackers to craft malicious payloads (NVD).

The vulnerability allows attackers to perform open redirect attacks, which could lead to unintended behavior in the application. This type of vulnerability can be exploited to redirect users to malicious websites and potentially lead to phishing attacks (NVD).

The vulnerability affects Centreon versions up to and including 19.04.4. Users should upgrade to a version newer than 19.04.4 to mitigate this vulnerability (NVD).

The vulnerability was discovered during a security assessment of Centreon 19.04 release in October 2019. It was noted that this vulnerability could be chained with others to achieve remote code execution, and was used as an example in security training for OSWE preparation (Medium Blog).