Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2022-43978

Published: 27/01/2023 Updated: 27/06/2023
CVSS v3 Base Score: 3.7 | Impact Score: 2.5 | Exploitability Score: 1.2
VMScore: 0
Subscribe to Pandora Fms

Vulnerability Summary

There is an improper authentication vulnerability in Pandora FMS v764. The application verifies that the user has a valid session when he is not trying to do a login. Since the secret is static in generatePublicHash function, an attacker with knowledge of a valid session can abuse this in order to pass the authentication check.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

pandorafms pandora fms

References

CWE-798https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028memory leaklog injectionCVE-2024-3400CVE-2022-48695CVE-2022-48675CVE-2024-34487CVE-2024-33792spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook