High severity7.0NVD Advisory· Published Nov 23, 2023· Updated Jun 17, 2026
CVE-2023-4677
CVE-2023-4677
Description
Cron log backup files contain administrator session IDs. It is trivial for any attacker who can reach the Pandora FMS Console to scrape the cron logs directory for cron log backups. The contents of these log files can then be abused to authenticate to the application as an administrator. This issue affects Pandora FMS <= 772.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Pandora FMS/Pandora FMSv5Range: 700
Patches
Vulnerability mechanics
References
1- pandorafms.com/en/security/common-vulnerabilities-and-exposures/nvdVendor Advisory
News mentions
0No linked articles in our index yet.