Pandora FMS DC-2024-11320 (MEDIUM)

2024-11-26

This article describes a vulnerability (CVE-2024-11320) in Pandora FMS versions 700 through 777.4. It allows attackers to execute arbitrary commands on the server by exploiting a command injection vulnerability in the LDAP authentication mechanism.

Vulnerability :

Platform: Pandora FMS
Version: 700 through <= 777.4 Vulnerability: Command Injection (LDAP Authentication) Severity: MEDIUM Date: November 21, 2024 (Published), November 26, 2024 (Last Modified)

What Undercode Says:

This vulnerability allows attackers to take control of your Pandora FMS server. It’s critical to update to a patched version as soon as possible.

Here are some additional details not mentioned in the summary:

The National Vulnerability Database (NVD) assigned a CVSS v4.0 base score of 6.9 (MEDIUM) to this vulnerability.
No publicly available information on exploits or mitigations exists at this time.

Recommendations:

Update Pandora FMS to a patched version.

Monitor for suspicious activity on your server.

Please note: This information is for informational purposes only. Always consult with a security professional before making any changes to your system.

References:

Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com

Image Source:

OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.helpFeatured Image

Scroll to Top