PT-2023-8542 · Unknown · Pandora Fms

Published: 2023-11-21 · Updated: 2025-01-16 · CVE-2023-4677

CVSS v2.0: 10 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Pandora FMS versions <= 772

Description: The issue is related to insufficient protection of registration data in the Pandora FMS Console, allowing an attacker to gain unauthorized access to protected information and elevate their privileges to the administrator level. An attacker can scrape the cron logs directory for cron log backups, which contain administrator session IDs, and reuse those IDs to authenticate to the application as an administrator.

Recommendations: For versions <= 772, update to a version that contains a fix for this issue to prevent exploitation. As a temporary workaround, consider restricting access to the cron logs directory to minimize the risk of exploitation. Avoid writing administrator session IDs into the cron log backups until the issue is resolved.
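The second workaround above, keeping session identifiers out of log backups, can be checked and enforced with a small scanner and redaction pass over the log lines. The script below is an added example and is not part of the advisory or of Pandora FMS; the log line format, the field names it looks for (PHPSESSID, session_id, sid) and the minimum token length of 16 are assumptions chosen for illustration, and the sample lines are constructed.

```python
"""
Detect and redact session identifiers that have leaked into log files.
Added example: not part of the PT-2023-8542 advisory or of Pandora FMS.
The log line format and field names below are assumptions, not Pandora's own.
"""
import re
from typing import Iterable, List, Tuple

# Matches "PHPSESSID=<token>", "session_id: <token>", "sid=<token>" and similar.
# The 16-character minimum is an assumption meant to skip short, non-secret values.
SESSION_ID_RE = re.compile(
    r"(?i)\b(PHPSESSID|session[_ -]?id|sid)(\s*[=:]\s*)([A-Za-z0-9,\-]{16,})"
)

REDACTED = "[REDACTED]"

# Constructed sample lines in a made-up cron log format (not Pandora's).
SAMPLE_LOG = [
    "2023-11-21 03:00:01 cron: starting scheduled task run",
    "2023-11-21 03:00:02 cron: request cookie PHPSESSID=k3q9v8n2m1p0x7z4a6b5c8d1e2 user=admin",
    "2023-11-21 03:00:02 cron: session_id: 7f3a9c1e5b2d4f6a8c0e1b3d5f7a9c2e",
    "2023-11-21 03:00:05 cron: task finished rc=0",
]


def redact_session_ids(line: str) -> Tuple[str, int]:
    """Return the line with each session-ID value replaced, plus the number replaced."""
    return SESSION_ID_RE.subn(lambda m: f"{m.group(1)}{m.group(2)}{REDACTED}", line)


def scan_log(lines: Iterable[str]) -> List[Tuple[int, str]]:
    """Return (line_number, field_name) for every session ID found; useful as a
    detection check over an existing backup directory."""
    findings: List[Tuple[int, str]] = []
    for lineno, line in enumerate(lines, start=1):
        for m in SESSION_ID_RE.finditer(line):
            findings.append((lineno, m.group(1)))
    return findings


def sanitize_lines(lines: Iterable[str]) -> List[str]:
    """Redacted copy of the log, suitable for writing to a backup location."""
    return [redact_session_ids(line)[0] for line in lines]


if __name__ == "__main__":
    for lineno, field in scan_log(SAMPLE_LOG):
        print(f"line {lineno}: session ID leaked via field '{field}'")
    print("\n".join(sanitize_lines(SAMPLE_LOG)))
```

Running the scanner over a backup directory before it is exposed gives a quick signal that secrets have reached the logs; running the redaction pass when backups are written removes the reusable token so that a copy of the file no longer grants a session.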

Fix

Weakness Enumeration
Improper Authentication
Insertion into Log File

Related Identifiers
BDU:2024-01145
CVE-2023-4677

Affected Products
Pandora Fms