PT-2026-1288 · Centreon · Centreon-Awie+1

Marceloqj

Publicado

2026-01-05

Atualizado

2026-01-08

CVE-2025-15026

CVSS v2.0

Crítica

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Centreon Infra Monitoring centreon-awie versions 25.10.0 through 25.10.1 Centreon Infra Monitoring centreon-awie versions 24.10.0 through 24.10.2 Centreon Infra Monitoring centreon-awie versions 24.04.0 through 24.04.2

Description A missing authentication check for a critical function within the centreon-awie (Awie import module) of Centreon Infra Monitoring allows access to functionality that is not properly restricted by Access Control Lists (ACLs). This allows unauthorized access to certain functions.

Recommendations Update Centreon Infra Monitoring centreon-awie to version 25.10.2 or later. Update Centreon Infra Monitoring centreon-awie to version 24.10.3 or later. Update Centreon Infra Monitoring centreon-awie to version 24.04.3 or later.

Exploit

Correção

Missing Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-306

Identificadores relacionados

BDU:2026-00667

CVE-2025-15026

Produtos afetados

Centreon Infra Monitoring

Centreon-Awie

PT-2026-1288 · Centreon · Centreon-Awie+1

CVE-2025-15026

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 12