Vulnerability Details CVE-2025-12519
Missing Authorization vulnerability in Centreon Infra Monitoring (Administration parameters API endpoint modules) allows Accessing Functionality Not Properly Constrained by ACLs, resulting in Information Disclosure like downtime or acknowledgement configurations. This issue affects Infra Monitoring: from 25.10.0 before 25.10.2, from 24.10.0 before 24.10.15, from 24.04.0 before 24.04.19.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 0.9%
CVSS Severity
CVSS v3 Score 5.3
References
Products affected by CVE-2025-12519
-
cpe:2.3:a:centreon:centreon_web:*
-
cpe:2.3:a:centreon:centreon_web:24.04.0
-
cpe:2.3:a:centreon:centreon_web:24.04.1
-
cpe:2.3:a:centreon:centreon_web:24.04.10
-
cpe:2.3:a:centreon:centreon_web:24.04.11
-
cpe:2.3:a:centreon:centreon_web:24.04.12
-
cpe:2.3:a:centreon:centreon_web:24.04.13
-
cpe:2.3:a:centreon:centreon_web:24.04.14
-
cpe:2.3:a:centreon:centreon_web:24.04.15
-
cpe:2.3:a:centreon:centreon_web:24.04.16
-
cpe:2.3:a:centreon:centreon_web:24.04.17
-
cpe:2.3:a:centreon:centreon_web:24.04.18
-
cpe:2.3:a:centreon:centreon_web:24.04.2
-
cpe:2.3:a:centreon:centreon_web:24.04.3
-
cpe:2.3:a:centreon:centreon_web:24.04.4
-
cpe:2.3:a:centreon:centreon_web:24.04.5
-
cpe:2.3:a:centreon:centreon_web:24.04.6
-
cpe:2.3:a:centreon:centreon_web:24.04.7
-
cpe:2.3:a:centreon:centreon_web:24.04.8
-
cpe:2.3:a:centreon:centreon_web:24.04.9
-
cpe:2.3:a:centreon:centreon_web:24.10.0
-
cpe:2.3:a:centreon:centreon_web:24.10.1
-
cpe:2.3:a:centreon:centreon_web:24.10.10
-
cpe:2.3:a:centreon:centreon_web:24.10.11
-
cpe:2.3:a:centreon:centreon_web:24.10.12
-
cpe:2.3:a:centreon:centreon_web:24.10.13
-
cpe:2.3:a:centreon:centreon_web:24.10.2
-
cpe:2.3:a:centreon:centreon_web:24.10.3
-
cpe:2.3:a:centreon:centreon_web:24.10.4
-
cpe:2.3:a:centreon:centreon_web:24.10.5
-
cpe:2.3:a:centreon:centreon_web:24.10.6
-
cpe:2.3:a:centreon:centreon_web:24.10.7
-
cpe:2.3:a:centreon:centreon_web:24.10.8
-
cpe:2.3:a:centreon:centreon_web:24.10.9