Publication date: January 8th, 2026
Components: centreon-awie
Description: Missing Authentication for Critical Function vulnerability in Centreon Infra Monitoring centreon-awie (Awie import module) allows Accessing Functionality Not Properly Constrained by ACLs.
Reference: CVE-2025-15026
CVSS: 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Severity: Critical
Status: Fixes have been provided for all supported versions and it is recommended to update Centreon AWIE on Central Server:
These versions include cumulative fixes from prior updates.
If you are using an High Availability Platform, please ensure to follow the Centreon HA Update procedures.
Reporter: marceloQJ
Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date.