CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-43978

There is an improper authentication vulnerability in Pandora FMS v764. The application verifies that the user has a valid session when he is not trying to do a login. Since the secret is static in generatePublicHash function, an attacker with knowledge of a valid session can abuse this in order to pass the authentication check.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 32.6%

CVSS Severity

CVSS v3 Score 5.6

References

Products affected by CVE-2022-43978

Pandorafms » Pandora Fms » Version: N/A

cpe:2.3:a:pandorafms:pandora_fms:-
Pandorafms » Pandora Fms » Version: 1.2

cpe:2.3:a:pandorafms:pandora_fms:1.2
Pandorafms » Pandora Fms » Version: 1.3

cpe:2.3:a:pandorafms:pandora_fms:1.3
Pandorafms » Pandora Fms » Version: 1.3.1

cpe:2.3:a:pandorafms:pandora_fms:1.3.1
Pandorafms » Pandora Fms » Version: 2.0

cpe:2.3:a:pandorafms:pandora_fms:2.0
Pandorafms » Pandora Fms » Version: 2.1

cpe:2.3:a:pandorafms:pandora_fms:2.1
Pandorafms » Pandora Fms » Version: 2.1.1

cpe:2.3:a:pandorafms:pandora_fms:2.1.1
Pandorafms » Pandora Fms » Version: 3.0

cpe:2.3:a:pandorafms:pandora_fms:3.0
Pandorafms » Pandora Fms » Version: 3.1

cpe:2.3:a:pandorafms:pandora_fms:3.1
Pandorafms » Pandora Fms » Version: 3.2

cpe:2.3:a:pandorafms:pandora_fms:3.2
Pandorafms » Pandora Fms » Version: 3.2.1

cpe:2.3:a:pandorafms:pandora_fms:3.2.1
Pandorafms » Pandora Fms » Version: 4.0

cpe:2.3:a:pandorafms:pandora_fms:4.0
Pandorafms » Pandora Fms » Version: 4.0.1

cpe:2.3:a:pandorafms:pandora_fms:4.0.1
Pandorafms » Pandora Fms » Version: 4.0.2

cpe:2.3:a:pandorafms:pandora_fms:4.0.2
Pandorafms » Pandora Fms » Version: 4.0.3

cpe:2.3:a:pandorafms:pandora_fms:4.0.3
Pandorafms » Pandora Fms » Version: 4.1

cpe:2.3:a:pandorafms:pandora_fms:4.1
Pandorafms » Pandora Fms » Version: 4.1.1

cpe:2.3:a:pandorafms:pandora_fms:4.1.1
Pandorafms » Pandora Fms » Version: 5.0

cpe:2.3:a:pandorafms:pandora_fms:5.0
Pandorafms » Pandora Fms » Version: 5.1

cpe:2.3:a:pandorafms:pandora_fms:5.1
Pandorafms » Pandora Fms » Version: 6.0

cpe:2.3:a:pandorafms:pandora_fms:6.0
Pandorafms » Pandora Fms » Version: 7.0_ng

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng
Pandorafms » Pandora Fms » Version: 7.0_ng_703

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_703
Pandorafms » Pandora Fms » Version: 7.0_ng_704

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_704
Pandorafms » Pandora Fms » Version: 7.0_ng_705

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_705
Pandorafms » Pandora Fms » Version: 7.0_ng_706

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_706
Pandorafms » Pandora Fms » Version: 7.0_ng_707

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_707
Pandorafms » Pandora Fms » Version: 7.0_ng_708

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_708
Pandorafms » Pandora Fms » Version: 7.0_ng_709

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_709
Pandorafms » Pandora Fms » Version: 7.0_ng_710

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_710
Pandorafms » Pandora Fms » Version: 7.0_ng_711

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_711
Pandorafms » Pandora Fms » Version: 7.0_ng_712

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_712
Pandorafms » Pandora Fms » Version: 7.0_ng_713

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_713
Pandorafms » Pandora Fms » Version: 7.0_ng_714

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_714
Pandorafms » Pandora Fms » Version: 7.0_ng_715

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_715
Pandorafms » Pandora Fms » Version: 7.0_ng_716

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_716
Pandorafms » Pandora Fms » Version: 7.0_ng_717

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_717
Pandorafms » Pandora Fms » Version: 7.0_ng_718

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_718
Pandorafms » Pandora Fms » Version: 7.0_ng_719

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_719
Pandorafms » Pandora Fms » Version: 7.0_ng_720

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_720
Pandorafms » Pandora Fms » Version: 7.0_ng_721

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_721
Pandorafms » Pandora Fms » Version: 7.0_ng_722

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_722
Pandorafms » Pandora Fms » Version: 7.0_ng_723

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_723
Pandorafms » Pandora Fms » Version: 7.0_ng_724

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_724
Pandorafms » Pandora Fms » Version: 7.0_ng_725

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_725
Pandorafms » Pandora Fms » Version: 7.0_ng_735

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_735
Pandorafms » Pandora Fms » Version: 7.0_ng_759

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_759
Pandorafms » Pandora Fms » Version: 7.0_ng_760

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_760
Pandorafms » Pandora Fms » Version: 7.0_ng_761

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_761
Pandorafms » Pandora Fms » Version: 7.44

cpe:2.3:a:pandorafms:pandora_fms:7.44
Pandorafms » Pandora Fms » Version: 742

cpe:2.3:a:pandorafms:pandora_fms:742
Pandorafms » Pandora Fms » Version: 746

cpe:2.3:a:pandorafms:pandora_fms:746
Pandorafms » Pandora Fms » Version: 754

cpe:2.3:a:pandorafms:pandora_fms:754
Pandorafms » Pandora Fms » Version: 765

cpe:2.3:a:pandorafms:pandora_fms:765

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-43978

Products

Pricing

Contact Us