centreon/centreon is vulnerable to authentication bypass. Changing a password on a profile page by a valid user causes the contact_autologin_key value
in database filed to be blank instead of NULL
, allowing to partially bypass the authentication.