CVE-2023-4677
Unauthenticated Admin Account Takeover Via Cron Log File Backups
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Cron log backup files contain administrator session IDs. It is trivial for any attacker who can reach the Pandora FMS Console to scrape the cron logs directory for cron log backups. The contents of these log files can then be abused to authenticate to the application as an administrator. This issue affects Pandora FMS <= 772.
Los archivos de copia de seguridad del registro Cron contienen ID de sesiĆ³n de administrador. Es trivial para cualquier atacante que pueda acceder a Pandora FMS Console y extraer el directorio de registros cron para realizar copias de seguridad de los registros Cron. Luego se puede abusar del contenido de estos archivos de registro para autenticarse en la aplicaciĆ³n como administrador. Este problema afecta a Pandora FMS <= 772.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2023-08-31 CVE Reserved
- 2023-11-23 CVE Published
- 2024-08-02 CVE Updated
- 2024-10-23 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
- CWE-532: Insertion of Sensitive Information into Log File
CAPEC
- CAPEC-115: Authentication Bypass
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://pandorafms.com/en/security/common-vulnerabilities-and-exposures | 2023-11-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Artica Search vendor "Artica" | Pandora Fms Search vendor "Artica" for product "Pandora Fms" | >= 700 < 773 Search vendor "Artica" for product "Pandora Fms" and version " >= 700 < 773" | - |
Affected
| ||||||