VYPR
High severity7.0NVD Advisory· Published Nov 23, 2023· Updated Jun 17, 2026

CVE-2023-4677

CVE-2023-4677

Description

Cron log backup files contain administrator session IDs. It is trivial for any attacker who can reach the Pandora FMS Console to scrape the cron logs directory for cron log backups. The contents of these log files can then be abused to authenticate to the application as an administrator. This issue affects Pandora FMS <= 772.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Pandora/Pandorallm-fuzzy
    Range: <=772
  • Pandora FMS/Pandora FMSv5
    Range: 700

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.