Artica Pandora FMS 742 allows unauthenticated attackers to perform Phar deserialization.
References
Link | Resource |
---|---|
https://blog.sonarsource.com/pandora-fms-742-critical-code-vulnerabilities-explained | Exploit Third Party Advisory |
https://pandorafms.com/blog/whats-new-in-pandora-fms-743/ | Release Notes Vendor Advisory |
https://portswigger.net/daily-swig/multiple-vulnerabilities-in-pandora-fms-could-trigger-remote-execution-attack | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-05-07T03:51:23
Updated: 2021-05-07T03:51:23
Reserved: 2021-05-07T00:00:00
Link: CVE-2021-32098
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-05-07T04:15:07.270
Modified: 2021-05-11T19:56:52.810
Link: CVE-2021-32098
JSON object: View
Redhat Information
No data.
CWE