Arbitrary commands execution on the server by exploiting a command injection vulnerability in the LDAP authentication mechanism. This issue affects Pandora FMS: from 700 through <=777.4
Metrics
Affected Vendors & Products
References
History
Tue, 26 Nov 2024 17:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Pandorafms
Pandorafms pandora Fms |
|
CPEs | cpe:2.3:a:pandorafms:pandora_fms:*:*:*:*:*:*:*:* | |
Vendors & Products |
Pandorafms
Pandorafms pandora Fms |
|
Metrics |
cvssV3_1
|
Thu, 21 Nov 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 21 Nov 2024 10:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Arbitrary commands execution on the server by exploiting a command injection vulnerability in the LDAP authentication mechanism. This issue affects Pandora FMS: from 700 through <=777.4 | |
Title | Command Injection leading to RCE via LDAP Misconfiguration | |
Weaknesses | CWE-77 | |
References |
| |
Metrics |
cvssV4_0
|
MITRE
Status: PUBLISHED
Assigner: PandoraFMS
Published: 2024-11-21T10:03:08.739Z
Updated: 2024-11-21T14:39:13.711Z
Reserved: 2024-11-18T11:27:37.531Z
Link: CVE-2024-11320
Vulnrichment
Updated: 2024-11-21T14:39:09.280Z
NVD
Status : Analyzed
Published: 2024-11-21T11:15:24.387
Modified: 2024-11-26T17:26:33.327
Link: CVE-2024-11320
Redhat
No data.