Awie

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2025-15029 CRITICAL PATCH Act Now

Centreon Infra Monitoring's AWIE export module contains SQL injection accessible to unauthenticated users. Combined with CVE-2025-15026 (missing auth on import), the AWIE module has both unauthenticated data extraction and unauthorized configuration access. Patch available.

SQLi Awie

NVD GitHub

CVSS 3.1

9.8

EPSS

0.0%

CVE-2025-15026 CRITICAL PATCH Act Now

Centreon Infra Monitoring's centreon-awie module lacks authentication on critical import functions, allowing unauthenticated attackers to access functionality that should be restricted by ACLs. Affects multiple Centreon versions. Patch available.

Authentication Bypass Awie

NVD GitHub

CVSS 3.1

9.8

EPSS

0.0%

CVE-2025-15029

EPSS 0% CVSS 9.8

CRITICAL PATCH Act Now

Centreon Infra Monitoring's AWIE export module contains SQL injection accessible to unauthenticated users. Combined with CVE-2025-15026 (missing auth on import), the AWIE module has both unauthenticated data extraction and unauthorized configuration access. Patch available.

SQLi Awie

NVD GitHub

CVE-2025-15026

EPSS 0% CVSS 9.8

CRITICAL PATCH Act Now

Centreon Infra Monitoring's centreon-awie module lacks authentication on critical import functions, allowing unauthenticated attackers to access functionality that should be restricted by ACLs. Affects multiple Centreon versions. Patch available.

Authentication Bypass Awie

NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy