CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-24515

Server-Side Request Forgery (SSRF) vulnerability in API checker of Pandora FMS. Application does not have a check on the URL scheme used while retrieving API URL. Rather than validating the http/https scheme, the application allows other scheme such as file, which could allow a malicious user to fetch internal file content. This issue affects Pandora FMS v767 version and prior versions on all platforms.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.2%

CVSS Severity

CVSS v3 Score 5.2

References

Products affected by CVE-2023-24515

Pandorafms » Pandora Fms » Version: N/A

cpe:2.3:a:pandorafms:pandora_fms:-
Pandorafms » Pandora Fms » Version: 1.2

cpe:2.3:a:pandorafms:pandora_fms:1.2
Pandorafms » Pandora Fms » Version: 1.3

cpe:2.3:a:pandorafms:pandora_fms:1.3
Pandorafms » Pandora Fms » Version: 1.3.1

cpe:2.3:a:pandorafms:pandora_fms:1.3.1
Pandorafms » Pandora Fms » Version: 2.0

cpe:2.3:a:pandorafms:pandora_fms:2.0
Pandorafms » Pandora Fms » Version: 2.1

cpe:2.3:a:pandorafms:pandora_fms:2.1
Pandorafms » Pandora Fms » Version: 2.1.1

cpe:2.3:a:pandorafms:pandora_fms:2.1.1
Pandorafms » Pandora Fms » Version: 3.0

cpe:2.3:a:pandorafms:pandora_fms:3.0
Pandorafms » Pandora Fms » Version: 3.1

cpe:2.3:a:pandorafms:pandora_fms:3.1
Pandorafms » Pandora Fms » Version: 3.2

cpe:2.3:a:pandorafms:pandora_fms:3.2
Pandorafms » Pandora Fms » Version: 3.2.1

cpe:2.3:a:pandorafms:pandora_fms:3.2.1
Pandorafms » Pandora Fms » Version: 4.0

cpe:2.3:a:pandorafms:pandora_fms:4.0
Pandorafms » Pandora Fms » Version: 4.0.1

cpe:2.3:a:pandorafms:pandora_fms:4.0.1
Pandorafms » Pandora Fms » Version: 4.0.2

cpe:2.3:a:pandorafms:pandora_fms:4.0.2
Pandorafms » Pandora Fms » Version: 4.0.3

cpe:2.3:a:pandorafms:pandora_fms:4.0.3
Pandorafms » Pandora Fms » Version: 4.1

cpe:2.3:a:pandorafms:pandora_fms:4.1
Pandorafms » Pandora Fms » Version: 4.1.1

cpe:2.3:a:pandorafms:pandora_fms:4.1.1
Pandorafms » Pandora Fms » Version: 5.0

cpe:2.3:a:pandorafms:pandora_fms:5.0
Pandorafms » Pandora Fms » Version: 5.1

cpe:2.3:a:pandorafms:pandora_fms:5.1
Pandorafms » Pandora Fms » Version: 6.0

cpe:2.3:a:pandorafms:pandora_fms:6.0
Pandorafms » Pandora Fms » Version: 7.0_ng

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng
Pandorafms » Pandora Fms » Version: 7.0_ng_703

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_703
Pandorafms » Pandora Fms » Version: 7.0_ng_704

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_704
Pandorafms » Pandora Fms » Version: 7.0_ng_705

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_705
Pandorafms » Pandora Fms » Version: 7.0_ng_706

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_706
Pandorafms » Pandora Fms » Version: 7.0_ng_707

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_707
Pandorafms » Pandora Fms » Version: 7.0_ng_708

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_708
Pandorafms » Pandora Fms » Version: 7.0_ng_709

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_709
Pandorafms » Pandora Fms » Version: 7.0_ng_710

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_710
Pandorafms » Pandora Fms » Version: 7.0_ng_711

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_711
Pandorafms » Pandora Fms » Version: 7.0_ng_712

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_712
Pandorafms » Pandora Fms » Version: 7.0_ng_713

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_713
Pandorafms » Pandora Fms » Version: 7.0_ng_714

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_714
Pandorafms » Pandora Fms » Version: 7.0_ng_715

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_715
Pandorafms » Pandora Fms » Version: 7.0_ng_716

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_716
Pandorafms » Pandora Fms » Version: 7.0_ng_717

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_717
Pandorafms » Pandora Fms » Version: 7.0_ng_718

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_718
Pandorafms » Pandora Fms » Version: 7.0_ng_719

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_719
Pandorafms » Pandora Fms » Version: 7.0_ng_720

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_720
Pandorafms » Pandora Fms » Version: 7.0_ng_721

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_721
Pandorafms » Pandora Fms » Version: 7.0_ng_722

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_722
Pandorafms » Pandora Fms » Version: 7.0_ng_723

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_723
Pandorafms » Pandora Fms » Version: 7.0_ng_724

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_724
Pandorafms » Pandora Fms » Version: 7.0_ng_725

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_725
Pandorafms » Pandora Fms » Version: 7.0_ng_735

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_735
Pandorafms » Pandora Fms » Version: 7.0_ng_759

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_759
Pandorafms » Pandora Fms » Version: 7.0_ng_760

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_760
Pandorafms » Pandora Fms » Version: 7.0_ng_761

cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_761
Pandorafms » Pandora Fms » Version: 7.44

cpe:2.3:a:pandorafms:pandora_fms:7.44
Pandorafms » Pandora Fms » Version: 742

cpe:2.3:a:pandorafms:pandora_fms:742
Pandorafms » Pandora Fms » Version: 746

cpe:2.3:a:pandorafms:pandora_fms:746
Pandorafms » Pandora Fms » Version: 754

cpe:2.3:a:pandorafms:pandora_fms:754
Pandorafms » Pandora Fms » Version: 765

cpe:2.3:a:pandorafms:pandora_fms:765
Pandorafms » Pandora Fms » Version: 766

cpe:2.3:a:pandorafms:pandora_fms:766
Pandorafms » Pandora Fms » Version: 767

cpe:2.3:a:pandorafms:pandora_fms:767

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-24515

Products

Pricing

Contact Us