CVE-2025-15026

Summary

Missing Authentication for Critical Function vulnerability in Centreon Infra Monitoring centreon-awie (Awie import module) allows Accessing Functionality Not Properly Constrained by ACLs.

This issue affects Infra Monitoring: from 25.10.0 before 25.10.2, from 24.10.0 before 24.10.3, from 24.04.0 before 24.04.3.

Affected Software

VendorProductVersion RangeStatus
CentreonInfra Monitoring25.10.0 < 25.10.2affected
CentreonInfra Monitoring24.10.0 < 24.10.3affected
CentreonInfra Monitoring24.04.0 < 24.04.3affected

Weaknesses

  • CWE-306: CWE-306 Missing Authentication for Critical Function

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References