CVE-2025-4649 – Centreon Web Privilege Escalation Vulnerability

May 13, 2025

CVE ID : CVE-2025-4649

Published : May 13, 2025, 12:15 p.m. | 4 hours, 9 minutes ago

Description : Improper Privilege Management vulnerability in Centreon web allows Privilege Escalation.
ACL are not correctly taken into account in the display of the “event logs” page. This page requiring, high privileges, will display all available logs.

This issue affects web: from 24.10.3 before 24.10.4, from 24.04.09 before 24.04.10, from 23.10.19 before 23.10.21, from 23.04.24 before 23.04.26.

Severity: 4.9 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-36340 – AMD uProf File Deletion/Disclosure Junction Point Vulnerability

Next Article CVE-2025-31223 – Apple Safari Web Content Memory Corruption

How AI further empowers value stream management

12 Top ReactJS Development Companies in 2025

Not sure where to go with AI? Here’s your roadmap.

This week in AI dev tools: A2A donated to Linux Foundation, OpenAI adds Deep Research to API, and more (June 27, 2025)

Capcom’s finally giving Street Fighter 6 players the outfits they’ve wanted — when all else fails, send in swimsuits

After 14 years, Monster Hunter Wilds is bringing back underwater combat alongside “Lagiacrus” and another familiar monster — the impossible has happened

OpenAI may prematurely declare AGI to cut ties with Microsoft — despite Sam Altman admitting today’s tech isn’t built for it

Forget YouTube’s ad blocker war — this Google AI Overviews clone might finally sell me on the $14/month Premium subscription

Say hello to ECMAScript 2025

Say hello to ECMAScript 2025

Ecma International approves ECMAScript 2025: What’s new?

Building Together: PRFT Colleagues Volunteer with Atlanta Habitat for Humanity

Capcom’s finally giving Street Fighter 6 players the outfits they’ve wanted — when all else fails, send in swimsuits

Capcom’s finally giving Street Fighter 6 players the outfits they’ve wanted — when all else fails, send in swimsuits

After 14 years, Monster Hunter Wilds is bringing back underwater combat alongside “Lagiacrus” and another familiar monster — the impossible has happened

OpenAI may prematurely declare AGI to cut ties with Microsoft — despite Sam Altman admitting today’s tech isn’t built for it

CVE-2025-4649 – Centreon Web Privilege Escalation Vulnerability

CVE-2025-32897 – Apache Seata (incubating) Untrusted Data Deserialization Vulnerability

CVE-2025-6822 – Code-projects Inventory Management System SQL Injection Vulnerability

I always recommend buying headphones on sale, and these are the ones to snag during Memorial Day sales

Building Smarter APIs with OpenAPI, AWS Bedrock & SageMaker Studio in Drupal 10

CVE-2025-39396 – Crocoblock JetReviews PHP Local File Inclusion Vulnerability

Qualcomm waarschuwt voor misbruik van GPU-lekken in Androidtelefoons

Measuring perception in AI models

CVE-2025-25032 – IBM Cognos Analytics Memory Exhaustion Denial of Service

“The bosses will be more rewarding” — Diablo 4 Season 8 is a major overhaul to Boss Ladders, Season Journey, and Battle Pass

Nintendo Switch 2 pre-orders delayed, new price hike likely – here’s why

CVE-2025-4649 – Centreon Web Privilege Escalation Vulnerability

Related Posts