exploitDog

CVE-2023-41812

Опубликовано: 23 нояб. 2023

Источник: nvd

CVSS3: 5.7

CVSS3: 8.8

EPSS Низкий

Описание

Unrestricted Upload of File with Dangerous Type vulnerability in Pandora FMS on all allows Accessing Functionality Not Properly Constrained by ACLs. This vulnerability allowed PHP executable files to be uploaded through the file manager. This issue affects Pandora FMS: from 700 through 773.

Ссылки

https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/
Vendor Advisory
https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:artica:pandora_fms:*:*:*:*:*:*:*:*

Версия от 700 (включая) до 774 (исключая)

EPSS

Процентиль: 12%

0.0004

Низкий

5.7 Medium

CVSS3

8.8 High

CVSS3

Дефекты

CWE-434

CWE-434

Связанные уязвимости

GHSA-7gj5-vmcv-4jgh

CVSS3: 5.7

github

около 2 лет назад

Unrestricted Upload of File with Dangerous Type vulnerability in Pandora FMS on all allows Accessing Functionality Not Properly Constrained by ACLs. This vulnerability allowed PHP executable files to be uploaded through the file manager. This issue affects Pandora FMS: from 700 through 773.

EPSS

Процентиль: 12%

0.0004

Низкий

5.7 Medium

CVSS3

8.8 High

CVSS3

Дефекты

CWE-434

CWE-434