CVE-2023-41786

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-41786

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-41786.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-41786

Published

2023-11-23T15:15:08.023Z

Modified

2026-04-10T05:01:19.065605Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pandora FMS on all allows File Discovery. This vulnerability allows users with low privileges to download database backups. This issue affects Pandora FMS: from 700 through 772.

References

https://https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/

Affected packages

Git / github.com/pandorafms/pandorafms

Affected ranges

Type

GIT

Repo

https://github.com/pandorafms/pandorafms

Events

Introduced

Last affected

f266f4ade1defcbfa9fe91930e10b21b2411a3a4

Database specific

{
    "versions": [
        {
            "introduced": "700"
        },
        {
            "last_affected": "772."
        }
    ]
}

Affected versions

5.*

5.0

5.1

6.*

6.0

Other

v772-LTS

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-41786.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "700"
            },
            {
                "fixed": "773"
            }
        ]
    }
]