|
|
|||
| Rule General Information |
|---|
| Release Date: | 2025-05-14 | |
| Rule Name: | PandoraFMS console v7.0NG.772 SQL Injection Vulnerability (CVE-2023-44088) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pandora FMS on all allows SQL Injection. Arbitrary SQL queries were allowed to be executed using any account with low privileges. This issue affects Pandora FMS: from 700 through 774. | |
| Impact: | An attacker can inject arbitrary sql commands to view or change the database of the target by exploiting the vulnerability successfully. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/ |
|
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |