Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unauthenticated Admin Account Takeover Via Cron Log File Backups
Vulnerability Description
Cron log backup files contain administrator session IDs. It is trivial for any attacker who can reach the Pandora FMS Console to scrape the cron logs directory for cron log backups. The contents of these log files can then be abused to authenticate to the application as an administrator. This issue affects Pandora FMS <= 772.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L
Vulnerability Type
认证机制不恰当
Vulnerability Title
Artica Pandora FMS 安全漏洞
Vulnerability Description
Artica Pandora FMS是西班牙Artica公司的一套监控系统。该系统通过可视化的方式监控网络、服务器、虚拟基础架构和应用程序等。 Artica Pandora FMS 772版本及之前版本存在安全漏洞。攻击者利用该漏洞可以获取日志信息。
CVSS Information
N/A
Vulnerability Type
N/A