CVE-2025-8432

Summary

Incorrect Default Permissions vulnerability in Centreon Infra Monitoring (MBI modules) allows Embedding Scripts within Scripts by CentreonBI user account on the MBI server This issue affects Infra Monitoring: from 24.10.0 before 24.10.6, from 24.04.0 before 24.04.9, from 23.10.0 before 23.10.15.

Affected Software

VendorProductVersion RangeStatus
CentreonInfra Monitoring24.10.0 < 24.10.6affected
CentreonInfra Monitoring24.04.0 < 24.04.9affected
CentreonInfra Monitoring23.10.0 < 23.10.15affected

Weaknesses

  • CWE-276: CWE-276 Incorrect Default Permissions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References