High severity7.2NVD Advisory· Published Apr 22, 2025· Updated Apr 15, 2026

CVE-2025-3767

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Centreon BAM (Boolean KPi Listing modules) allows SQL Injection.

This page is only accessible to authenticated users with high privileges.

This issue affects Centreon BAM: from 24.10 before 24.10.1, from 24.04 before 24.04.5, from 23.10 before 23.10.10, from 23.04 before 23.04.10.

Patches

0cbb97b7270f

https://github.com/centreon/centreonvia osv

369945d904ad

https://github.com/centreon/centreonvia osv

be23a5888ddf

https://github.com/centreon/centreonvia osv

55c0778ded0a

https://github.com/centreon/centreonvia osv

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

thewatch.centreon.com/latest-security-bulletins-64/cve-2024-46924-cve-2025-3767-centreon-bam-high-severity-4459nvd

News mentions

No linked articles in our index yet.

cvss	0.468
epss	0.004
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000