PT-2026-1288 · Centreon · Centreon-Awie+1
Marceloqj
·
Published
2026-01-05
·
Updated
2026-01-08
·
CVE-2025-15026
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Centreon Infra Monitoring centreon-awie versions 25.10.0 through 25.10.1
Centreon Infra Monitoring centreon-awie versions 24.10.0 through 24.10.2
Centreon Infra Monitoring centreon-awie versions 24.04.0 through 24.04.2
Description
A missing authentication check for a critical function within the centreon-awie (Awie import module) of Centreon Infra Monitoring allows access to functionality that is not properly restricted by Access Control Lists (ACLs). This allows unauthorized access to certain functions.
Recommendations
Update Centreon Infra Monitoring centreon-awie to version 25.10.2 or later.
Update Centreon Infra Monitoring centreon-awie to version 24.10.3 or later.
Update Centreon Infra Monitoring centreon-awie to version 24.04.3 or later.
Exploit
Fix
Missing Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Centreon Infra Monitoring
Centreon-Awie