Lucene search

[email protected]CVE-2020-13851

HistoryJun 11, 2020 - 3:15 a.m.

CVE-2020-13851

2020-06-1103:15:00

CWE-78

[email protected]

web.nvd.nist.gov

325

cve-2020-13851

artica pandora fms

remote command execution

events feature

nvd

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.97 High

EPSS

Percentile

99.7%

JSON

Artica Pandora FMS 7.44 allows remote command execution via the events feature.

CPENameOperatorVersion
pandorafms:pandora_fmspandorafms pandora fmseq7.44

CPE	Name	Operator	Version
pandorafms:pandora_fms	pandorafms pandora fms	eq	7.44

References

packetstormsecurity.com/files/158390/Pandora-FMS-7.0-NG-7XX-Remote-Command-Execution.html

www.coresecurity.com/advisories

www.coresecurity.com/core-labs/advisories/pandora-fms-community-multiple-vulnerabilities

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.97 High

EPSS

Percentile

99.7%

JSON

Related for CVE-2020-13851

zdt1 prion1 nuclei1 metasploit1 packetstorm1 checkpoint_advisories1 coresecurity1