Information disclosure on Administration parameters API endpoint_CVE-2025-12519

5.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Description

Missing Authorization vulnerability in Centreon Infra Monitoring (Administration parameters API endpoint modules) allows Accessing Functionality Not Properly Constrained by ACLs, resulting in Information Disclosure like downtime or acknowledgement configurations. This issue affects Infra Monitoring: from 25.10.0 before 25.10.2, from 24.10.0 before 24.10.15, from 24.04.0 before 24.04.19.

Basic Information

ID CVE-2025-12519

Source Centreon

Published Jan 5, 2026 at 10:15

Affected Product

Vendor Centreon

Product Infra Monitoring

Version 25.10.0

Affected Versions Centreon Infra Monitoring 25.10.0
Centreon Infra Monitoring 24.10.0
Centreon Infra Monitoring 24.04.0

CWE Classification

CWE-862

References

github.com /centreon/centreon/releases

{
    "lastseen": "",
    "description": "Missing Authorization vulnerability in Centreon Infra Monitoring (Administration parameters API endpoint modules) allows Accessing Functionality Not Properly Constrained by ACLs, resulting in Information Disclosure like downtime or acknowledgement configurations.\u00a0This issue affects Infra Monitoring: from 25.10.0 before 25.10.2, from 24.10.0 before 24.10.15, from 24.04.0 before 24.04.19.",
    "published": "2026-01-05T10:15:08.921Z",
    "modified": "2026-01-05T10:15:08.921Z",
    "type": "cve",
    "title": "Information disclosure on Administration parameters API endpoint",
    "source": "Centreon",
    "references": "https://github.com/centreon/centreon/releases",
    "id": "CVE-2025-12519",
    "bulletinFamily": "",
    "cwe": [
        "CWE-862"
    ],
    "cvelist": null,
    "sourceData": "Centreon Infra Monitoring 25.10.0\nCentreon Infra Monitoring 24.10.0\nCentreon Infra Monitoring 24.04.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Infra Monitoring",
    "version": "25.10.0",
    "vendor": "Centreon",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}