Описание
Authentication Bypass by Spoofing vulnerability in the password reset process of Pandora FMS allows an unauthenticated attacker to initiate a password reset process for any user account without proper authentication. This issue affects PandoraFMS v771 and prior versions on all platforms.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 772 (исключая)
cpe:2.3:a:pandorafms:pandora_fms:*:*:*:*:*:*:*:*
EPSS
Процентиль: 20%
0.00063
Низкий
6.4 Medium
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-290
CWE-290
Связанные уязвимости
CVSS3: 6.4
github
больше 2 лет назад
Authentication Bypass by Spoofing vulnerability in the password reset process of Pandora FMS allows an unauthenticated attacker to initiate a password reset process for any user account without proper authentication. This issue affects PandoraFMS v771 and prior versions on all platforms.
EPSS
Процентиль: 20%
0.00063
Низкий
6.4 Medium
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-290
CWE-290