216.73.217.86

CVE-2025-12519

· Published 05/01/2026 11:17 · Modified 05/01/2026 11:17

Labels: CVE-2025-12519 2026-01-05CVE-2025-12519CWE-862bd4443e6-1eef-43f3-9886-25fc9ceeaae7

Essential information

Published
05/01/2026 11:17
Modified
05/01/2026 11:17
Author
Creator
CVSS
5.3 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVSS metrics

Description

Missing Authorization vulnerability in Centreon Infra Monitoring (Administration parameters API endpoint modules) allows Accessing Functionality Not Properly Constrained by ACLs, resulting in Information Disclosure like downtime or acknowledgement configurations. This issue affects Infra Monitoring: from 25.10.0 before 25.10.2, from 24.10.0 before 24.10.15, from 24.04.0 before 24.04.19.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
bd4443e6-1eef-43f3-9886-25fc9ceeaae7
NVD
View on NVD

Affected products (CPE)

ProductCPE
centreon / centreon infra monitoring cpe:2.3:a:centreon:centreon_infra_monitoring:25.10.0-25.10.1:*:*:*:*:*:*:*
centreon / centreon infra monitoring cpe:2.3:a:centreon:centreon_infra_monitoring:24.10.0-24.10.14:*:*:*:*:*:*:*
centreon / centreon infra monitoring cpe:2.3:a:centreon:centreon_infra_monitoring:24.04.0-24.04.18:*:*:*:*:*:*:*

References