Arbitrary File Read
CVE-2023-41787

7.5HIGH

Key Information:

Vendor: Pandora FMS
Status: Pandora FMS
Vendor: CVE Published:; 23 November 2023

🔔 Create Pandora FMS Vulnerability Alert

What is CVE-2023-41787?

An uncontrolled search path element vulnerability in Pandora FMS allows attackers to manipulate and leverage configuration file search paths to access sensitive files. This issue impacts versions 700 through 772, potentially exposing confidential information and increasing risks for system integrity.

Affected Version(s)

Pandora FMS all 700 <= 772

References

https://pandorafms.com/en/security/common-vulnerabilities...

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 23, 2023
Vulnerability Reserved
Sep 1, 2023

Credit

Oliver Brooks <[email protected]>