CVE-2025-12519
- Source
- https://cve.org/CVERecord?id=CVE-2025-12519
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-12519.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-12519
- Published
- 2026-01-05T10:15:08.921Z
- Modified
- 2026-04-10T05:20:57.972407Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
- Summary
- Information disclosure on Administration parameters API endpoint
- Details
-
Missing Authorization vulnerability in Centreon Infra Monitoring (Administration parameters API endpoint modules) allows Accessing Functionality Not Properly Constrained by ACLs, resulting in Information Disclosure like downtime or acknowledgement configurations. This issue affects Infra Monitoring: from 25.10.0 before 25.10.2, from 24.10.0 before 24.10.15, from 24.04.0 before 24.04.19.
- Database specific
{ "cwe_ids": [ "CWE-862" ], "cna_assigner": "Centreon", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/12xxx/CVE-2025-12519.json" }- References