CVE-2025-15029 — Centreon Infra Monitoring (Awie Export)
Severity: Critical
Vulnerability Type: Unauthenticated SQL Injection (CWE-89)
Impact: Database compromise (data disclosure/modification)
Remediation: Patch to latest Centreon versions
Description:
This flaw allows an unauthenticated remote attacker to inject malicious SQL into the Centreon Infra Monitoring backend through the Awie export module. The application improperly neutralizes special SQL elements before including them in database queries, leading to classic SQL injection. A successful exploit could let an attacker extract or modify sensitive database contents, including monitoring configurations, credential material, and operational data — without any login or prior authentication.
Severity:
- CVSS v3.1: 9.8 (Critical): remote, unauthenticated, full impact on confidentiality, integrity, and availability.
Affected Versions:
- Centreon Infra Monitoring:
  - 25.10.0 before 25.10.2
  - 24.10.0 before 24.10.3
  - 24.04.0 before 24.04.3
Mitigation / Fix:
1. Apply the Centreon-provided patches (update to 25.10.2, 24.10.3, or 24.04.3 or newer)
2. Restrict access to the web interface (firewall / segmentation) until patched
3. Monitor logs for unusual database access patterns
CVE-2025-15026 — Centreon Infra Monitoring (Awie Import)
Severity: Critical
Vulnerability Type: Missing Authentication for Critical Function (CWE-306)
Impact: Unrestricted access to backend functions
Remediation: Patch to latest Centreon versions
Description:
This vulnerability resides in the centreon-awie import module of Centreon Infra Monitoring. Certain critical backend operations that should be protected by authentication and ACL checks are exposed without any authentication requirement. An unauthenticated attacker with network access to the Centreon web interface can invoke these functions directly. This could allow manipulation of internal monitoring data, configuration imports, and potentially privileged actions normally restricted to authenticated administrators.
Severity:
- CVSS v3.1: reported as ~9.8 (Critical), reflecting the absence of any authentication requirement and the broad impact.
Affected Versions:
- Centreon Infra Monitoring:
  - 25.10.0 before 25.10.2
  - 24.10.0 before 24.10.3
  - 24.04.0 before 24.04.3
Mitigation / Fix:
1. Update Centreon Infra Monitoring to patched versions (25.10.2, 24.10.3, 24.04.3 or newer)
2. Restrict network access to Centreon management interfaces
3. Employ host-level access controls (e.g., IP allowlists) until patches are applied
At-a-Glance
| CVE | Vuln Type | Auth Required | Impact | Fix |
|---|---|---|---|---|
| CVE-2025-15029 | SQL Injection | No | Remote DB compromise | Patch |
| CVE-2025-15026 | Missing Auth | No | Unrestricted backend access | Patch |
Immediate Actions for Security Teams
- Inventory affected Centreon Infra Monitoring instances.
- Apply the official patch for your release branch immediately.
- Block external exposure of Centreon management UI until updated.
- Audit logs for anomalous access attempts (unauthenticated SQL usage or import requests).
- Consider network segmentation to limit the internal attack surface.
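To support the inventory step above, here is an added triage helper (not part of the Centreon advisory or of Centreon's own tooling) that checks a list of hostname/version pairs against the three affected ranges listed in this advisory. It assumes Centreon versions are written as major.minor.patch with an optional "-suffix", and it deliberately reports branches the advisory does not list as unknown rather than safe.

```python
# Added example, not from the advisory: decide whether a Centreon Infra Monitoring
# version falls inside the affected ranges for CVE-2025-15029 / CVE-2025-15026.
from typing import List, Optional, Tuple

# Per release branch: (first affected, first fixed). Versions in
# [first_affected, first_fixed) are vulnerable; values copied from the advisory.
AFFECTED_RANGES = {
    "25.10": ("25.10.0", "25.10.2"),
    "24.10": ("24.10.0", "24.10.3"),
    "24.04": ("24.04.0", "24.04.3"),
}


def parse_version(v: str) -> Tuple[int, int, int]:
    """Turn '24.10.3' into (24, 10, 3). A trailing '-1' style suffix is
    ignored (assumption about packaging formats, not stated in the advisory)."""
    core = v.strip().split("-")[0]
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised Centreon version string: {v!r}")
    major, minor, patch = (int(p) for p in parts)
    return (major, minor, patch)


def is_affected(version: str) -> Optional[bool]:
    """True if vulnerable, False if at/after the fixed release on a listed
    branch, None if the branch is not covered by the advisory."""
    major, minor, _ = parse_version(version)
    branch = f"{major}.{minor:02d}"  # 24.4 -> "24.04" to match the advisory spelling
    if branch not in AFFECTED_RANGES:
        return None
    first_affected, first_fixed = AFFECTED_RANGES[branch]
    return parse_version(first_affected) <= parse_version(version) < parse_version(first_fixed)


def triage(inventory: List[Tuple[str, str]]) -> List[str]:
    """Return the hosts whose version is confirmed vulnerable. Hosts with an
    unparsable version or an unlisted branch are skipped here and should be
    reviewed by hand, since 'not listed' is not the same as 'fixed'."""
    needs_patch = []
    for host, version in inventory:
        try:
            status = is_affected(version)
        except ValueError:
            status = None
        if status is True:
            needs_patch.append(host)
    return needs_patch


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are made up.
    sample = [("mon-01", "24.10.2"), ("mon-02", "24.10.3"),
              ("mon-03", "25.10.0"), ("mon-04", "23.10.5")]
    print(triage(sample))  # ['mon-01', 'mon-03']
```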
