Vulnerability Database

309,364

Total vulnerabilities in the database

CVE-2025-4649

Improper Handling of Exceptional Conditions vulnerability in Centreon web allows Privilege Escalation.

ACL are not correctly taken into account in the display of the "event logs" page. This page requiring, high privileges, will display all available logs. This issue affects web: from 24.10.3 before 24.10.4, from 24.04.09 before 24.04.10, from 23.10.19 before 23.10.21, from 23.04.24 before 23.04.26.

Published: May 13, 2025
Updated: Nov 16, 2025
CVE: CVE-2025-4649
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-755

Affected Software
References

Software	From	Fixed in
centreon / centreon_web	23.04.24	23.04.26
centreon / centreon_web	23.10.19	23.10.21
centreon / centreon_web	24.04.9	24.04.9.x
centreon / centreon_web	24.10.3	24.10.3.x

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo