Description

Missing Authorization vulnerability in Centreon Infra Monitoring (Administration parameters API endpoint modules) allows Accessing Functionality Not Properly Constrained by ACLs, resulting in Information Disclosure like downtime or acknowledgement configurations. This issue affects Infra Monitoring: from 25.10.0 before 25.10.2, from 24.10.0 before 24.10.15, from 24.04.0 before 24.04.19.

Related CPE's

Could not find any relations

References

https://github.com/centreon/centreon/releases

Weaknesses

bd4443e6-1eef-43f3-9886-25fc9ceeaae7

Secondary
CWE-862

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5.3 · Medium

Information

Source identifier

bd4443e6-1eef-43f3-9886-25fc9ceeaae7

Vulnerability status

Received

Published

2026-01-05T11:17:39.830Z

41 hours ago

Last modified

2026-01-05T11:17:39.830Z

41 hours ago