Centreon Infra Monitoring

20 CVEs affecting Centreon Infra Monitoring. Latest disclosed: 2026-01-05. Critical: 2, High: 4.

Top CVEs affecting Centreon Infra Monitoring
CVESeverityScorePublishedSummary
CVE-2025-15029Critical9.82026-01-05Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Centreon Infra Monitoring (Awie export modules) allows SQ…
CVE-2025-15026Critical9.82026-01-05Missing Authentication for Critical Function vulnerability in Centreon Infra Monitoring centreon-awie (Awie import module) allows Accessing Functionality Not P…
CVE-2025-8432High8.42025-10-27Incorrect Default Permissions vulnerability in Centreon Infra Monitoring (MBI modules) allows Embedding Scripts within Scripts by CentreonBI user account on th…
CVE-2025-8459High7.72025-10-14Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (Monitoring recurrent do…
CVE-2025-5965High7.22026-01-05In the backup parameters, a user with high privilege is able to concatenate custom instructions to the backup setup. Improper Neutralization of Special Element…
CVE-2025-5946High7.22025-10-14Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Centreon Infra Monitoring (Poller reload setup in t…
CVE-2025-12513Medium6.82026-01-05Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (Hosts configuration for…
CVE-2025-12511Medium6.82026-01-05Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (DSM extenstio configura…
CVE-2025-13056Medium6.82026-01-05Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (Administration ACL menu…
CVE-2025-8460Medium6.82025-12-22Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (Notification rules, Ope…
CVE-2025-54890Medium6.82025-12-22Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (Hostgroup configuration…
CVE-2025-8430Medium6.82025-10-14Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (Commands Connectors con…
CVE-2025-8429Medium6.82025-10-14Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (ACL Action access confi…
CVE-2025-54893Medium6.82025-10-14Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (Hosts templates configu…
CVE-2025-8428Medium6.82025-10-14Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (HTTP Loader widget modu…
CVE-2025-54892Medium6.82025-10-14Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (SNMP traps group config…
CVE-2025-54891Medium6.82025-10-14Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (ACL Resource access con…
CVE-2025-54889Medium6.82025-10-14Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (SNMP traps manufacturer…
CVE-2025-10023Medium6.22025-10-27Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (Services Meta-services…
CVE-2025-12519Medium5.32026-01-05Missing Authorization vulnerability in Centreon Infra Monitoring (Administration parameters API endpoint modules) allows Accessing Functionality Not Properly C…