Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Access Control in Configuration (Credential store)
Vulnerability Description
Pandora FMS v7.0NG.760 and below allows an improper access control in Configuration (Credential store) where a user with the role of Operator (Write) could create, delete, view existing keys which are outside the intended role.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
Vulnerability Type
访问控制不恰当
Vulnerability Title
Artica Pandora FMS 安全漏洞
Vulnerability Description
Artica Pandora FMS是西班牙Artica公司的一套监控系统。该系统通过可视化的方式监控网络、服务器、虚拟基础架构和应用程序等。 Artica Pandora FMS 存在安全漏洞,该漏洞源于Pandora FMS v7.0NG.760 及更低版本允许在配置(凭据存储)中进行不正确的访问控制,其中具有操作员(写入)角色的用户可以创建、删除、查看超出预期角色的现有密钥。
CVSS Information
N/A
Vulnerability Type
N/A