CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-36697

With an admin account, the .htaccess file in Artica Pandora FMS <=755 can be overwritten with the File Manager component. The new .htaccess file contains a Rewrite Rule with a type definition. A normal PHP file can be uploaded with this new "file type" and the code can be executed with an HTTP request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.3%

CVSS Severity

CVSS v3 Score 6.7

CVSS v2 Score 4.6

References

Products affected by CVE-2021-36697

Artica » Pandora Fms » Version: 1.2

cpe:2.3:a:artica:pandora_fms:1.2
Artica » Pandora Fms » Version: 1.3

cpe:2.3:a:artica:pandora_fms:1.3
Artica » Pandora Fms » Version: 1.4

cpe:2.3:a:artica:pandora_fms:1.4
Artica » Pandora Fms » Version: 2.0

cpe:2.3:a:artica:pandora_fms:2.0
Artica » Pandora Fms » Version: 2.1

cpe:2.3:a:artica:pandora_fms:2.1
Artica » Pandora Fms » Version: 3.0

cpe:2.3:a:artica:pandora_fms:3.0
Artica » Pandora Fms » Version: 3.1

cpe:2.3:a:artica:pandora_fms:3.1
Artica » Pandora Fms » Version: 3.2

cpe:2.3:a:artica:pandora_fms:3.2
Artica » Pandora Fms » Version: 4.0

cpe:2.3:a:artica:pandora_fms:4.0
Artica » Pandora Fms » Version: 5.0

cpe:2.3:a:artica:pandora_fms:5.0
Artica » Pandora Fms » Version: 5.1

cpe:2.3:a:artica:pandora_fms:5.1
Artica » Pandora Fms » Version: 6.0

cpe:2.3:a:artica:pandora_fms:6.0
Artica » Pandora Fms » Version: 7.0

cpe:2.3:a:artica:pandora_fms:7.0
Artica » Pandora Fms » Version: 7.0_ng

cpe:2.3:a:artica:pandora_fms:7.0_ng
Artica » Pandora Fms » Version: 7.42

cpe:2.3:a:artica:pandora_fms:7.42
Artica » Pandora Fms » Version: 700

cpe:2.3:a:artica:pandora_fms:700
Artica » Pandora Fms » Version: 740

cpe:2.3:a:artica:pandora_fms:740
Artica » Pandora Fms » Version: 741

cpe:2.3:a:artica:pandora_fms:741
Artica » Pandora Fms » Version: 742

cpe:2.3:a:artica:pandora_fms:742
Artica » Pandora Fms » Version: 743

cpe:2.3:a:artica:pandora_fms:743
Artica » Pandora Fms » Version: 744

cpe:2.3:a:artica:pandora_fms:744
Artica » Pandora Fms » Version: 745

cpe:2.3:a:artica:pandora_fms:745
Artica » Pandora Fms » Version: 746

cpe:2.3:a:artica:pandora_fms:746
Artica » Pandora Fms » Version: 747

cpe:2.3:a:artica:pandora_fms:747
Artica » Pandora Fms » Version: 748

cpe:2.3:a:artica:pandora_fms:748
Artica » Pandora Fms » Version: 749

cpe:2.3:a:artica:pandora_fms:749
Artica » Pandora Fms » Version: 750

cpe:2.3:a:artica:pandora_fms:750
Artica » Pandora Fms » Version: 751

cpe:2.3:a:artica:pandora_fms:751
Artica » Pandora Fms » Version: 752

cpe:2.3:a:artica:pandora_fms:752
Artica » Pandora Fms » Version: 753

cpe:2.3:a:artica:pandora_fms:753
Artica » Pandora Fms » Version: 754

cpe:2.3:a:artica:pandora_fms:754
Artica » Pandora Fms » Version: 755

cpe:2.3:a:artica:pandora_fms:755

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-36697

Products

Pricing

Contact Us