Описание
Pandora FMS v7.0NG.760 and below allows an improper access control in Configuration (Credential store) where a user with the role of Operator (Write) could create, delete, view existing keys which are outside the intended role.
Ссылки
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 7.0_ng_760 (включая)
cpe:2.3:a:pandorafms:pandora_fms:*:*:*:*:*:*:*:*
EPSS
Процентиль: 48%
0.0025
Низкий
3.7 Low
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-284
NVD-CWE-Other
Связанные уязвимости
CVSS3: 3.7
ubuntu
больше 3 лет назад
Pandora FMS v7.0NG.760 and below allows an improper access control in Configuration (Credential store) where a user with the role of Operator (Write) could create, delete, view existing keys which are outside the intended role.
CVSS3: 5.4
github
больше 3 лет назад
Pandora FMS v7.0NG.760 and below allows an improper access control in Configuration (Credential store) where a user with the role of Operator (Write) could create, delete, view existing keys which are outside the intended role.
EPSS
Процентиль: 48%
0.0025
Низкий
3.7 Low
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-284
NVD-CWE-Other