CVE | CVE-2022-43978 |
CVE Title | |
Published Date | 2023-01-27T22:15Z |
Modified Date | 2023-01-30T14:18Z |
Description | There is an improper authentication vulnerability in Pandora FMS v764. The application verifies that the user has a valid session when he is not trying to do a login. Since the secret is static in generatePublicHash function, an attacker with knowledge of a valid session can abuse this in order to pass the authentication check. |
References | |
By clicking these links you will leave this website. We do not endorse and will not be held accountable for any activity on external sites. | |
Reference URL | https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/ |
Reference Description | CONFIRM https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/ |
Reference Description | |
Sources | NIST MITRE |
Note
- No CVSS data for this CVE