Lucene search

[email protected]NVD:CVE-2023-44090

HistoryMar 19, 2024 - 5:15 p.m.

CVE-2023-44090

2024-03-1917:15:08

CWE-89

[email protected]

web.nvd.nist.gov

cve-2023-44090

sql injection

pandora fms

grafana module

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L

0.001 Low

EPSS

Percentile

48.7%

JSON

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Pandora FMS on all allows CVE-2008-5817. This vulnerability allowed SQL changes to be made to several files in the Grafana module. This issue affects Pandora FMS: from 700 through <776.

References

pandorafms.com/en/security/common-vulnerabilities-and-exposures/

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L

0.001 Low

EPSS

Percentile

48.7%

JSON

Related for NVD:CVE-2023-44090

cvelist2 cve2 nvd1 prion1