CVE-2023-41786 — MEDIUM (6.8)

Q: How severe is CVE-2023-41786?

CVE-2023-41786 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-41786?

Check the references section above for vendor advisories and patch information. Affected products include: Artica Pandora Fms.

Vulnerability Description

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pandora FMS on all allows File Discovery. This vulnerability allows users with low privileges to download database backups. This issue affects Pandora FMS: from 700 through 772.

CVSS Score

6.8

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Artica	Pandora Fms	>= 700, < 773

Related Weaknesses (CWE)

CWE-668 CWE-200

References

https://https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/Broken LinkVendor Advisory
https://https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/Broken LinkVendor Advisory

FAQ

What is CVE-2023-41786?

CVE-2023-41786 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pandora FMS on all allows File Discovery. This vulnerability allows users with low privileges to download database backups. ...

How severe is CVE-2023-41786?

CVE-2023-41786 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-41786?

Check the references section above for vendor advisories and patch information. Affected products include: Artica Pandora Fms.