Vulnerabilities > CVE-2023-41786 - Exposure of Resource to Wrong Sphere vulnerability in Artica Pandora FMS

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

artica

CWE-668

NVD

Published: 2023-11-23

Updated: 2023-11-30

Summary

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pandora FMS on all allows File Discovery. This vulnerability allows users with low privileges to download database backups. This issue affects Pandora FMS: from 700 through 772.

Vulnerable Configurations

Part	Description	Count
Application	Artica Artica Pandora FMS 740 Artica Pandora FMS 741 Artica Pandora FMS 742 Artica Pandora FMS 743 Artica Pandora FMS 744 Artica Pandora FMS 745 Artica Pandora FMS 746 Artica Pandora FMS 747 Artica Pandora FMS 748 Artica Pandora FMS 749 Artica Pandora FMS 750 Artica Pandora FMS 754	12

Common Weakness Enumeration (CWE)

CWE-668 - Exposure of Resource to Wrong Sphere

References

https://https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/