PT-2023-8737 · Unknown · Pandora Fms

Published: 2023-11-23 · Updated: 2024-01-09 · CVE-2023-41786

CVSS v3.1: 6.8 (Medium)

Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

Pandora FMS versions 700 through 772

Description

The issue is related to the exposure of sensitive information to unauthorized actors, allowing users with low privileges to download database backups. This can be exploited by a remote attacker to gain access to sensitive data. The vulnerability is associated with a lack of protection for service data.

Recommendations

For versions 700 through 772, update to a version that includes a fix for this issue to prevent unauthorized access to database backups. As a temporary workaround, consider restricting access to the database backup functionality to minimize the risk of exploitation.

Fix

Exposure of Resource to Wrong Sphere

Information Disclosure

Weakness Enumeration

Related Identifiers

BDU:2024-01769
CVE-2023-41786

Affected Products

Pandora Fms