CVE-2025-15026

Description

Missing Authentication for Critical Function vulnerability in Centreon Infra Monitoring centreon-awie (Awie import module) allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Infra Monitoring: from 25.10.0 before 25.10.2, from 24.10.0 before 24.10.3, from 24.04.0 before 24.04.3.

PUBLISHED Reserved 2025-12-22 | Published 2026-01-05 | Updated 2026-01-08 | Assigner Centreon

Problem types

CWE-306 Missing Authentication for Critical Function

Product status

Credits

marceloQJ finder

References

github.com/centreon/centreon/releases release-notes

thewatch.centreon.com/...entreon-awie-critical-severity-5357 vendor-advisory

cve.org (CVE-2025-15026)

nvd.nist.gov (CVE-2025-15026)

Download JSON