What is CVE-2022-26310?

CVE-2022-26310 is a vulnerability in Pandora FMS v7.0NG.760 and below that allows improper authorization in User Management, potentially enabling any authenticated user to create, modify, or delete any user with full admin privilege.

What is the severity of CVE-2022-26310?

CVE-2022-26310 has a severity rating of 8.8 (high).

How does CVE-2022-26310 impact Pandora FMS?

CVE-2022-26310 could lead to a vertical privilege escalation, allowing an authenticated user to gain access to administrative privileges and perform unauthorized actions in the User Management module.

How can I fix CVE-2022-26310 in Pandora FMS?

To fix CVE-2022-26310 in Pandora FMS, it is recommended to upgrade to a version above v7.0NG.760 or apply the necessary patches provided by the vendor.

Where can I find more information about CVE-2022-26310?

You can find more information about CVE-2022-26310 on the Pandora FMS website (https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/) and the Incibe website (https://www.incibe.es/en/cve-assignment-publication/coordinated-cves).

Vulnerability/
CVE-2022-26310

high

8.8

CWE

285

1/8/2022

5/8/2022

CVE-2022-26310

First published: Mon Aug 01 2022(Updated: )

Credit: security@pandorafms.com

Affected Software	Affected Version	How to fix
Pandorafms Pandora Fms	<=7.0_ng_760

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2022-26310?
CVE-2022-26310 is a vulnerability in Pandora FMS v7.0NG.760 and below that allows improper authorization in User Management, potentially enabling any authenticated user to create, modify, or delete any user with full admin privilege.
What is the severity of CVE-2022-26310?
CVE-2022-26310 has a severity rating of 8.8 (high).
How does CVE-2022-26310 impact Pandora FMS?
CVE-2022-26310 could lead to a vertical privilege escalation, allowing an authenticated user to gain access to administrative privileges and perform unauthorized actions in the User Management module.
How can I fix CVE-2022-26310 in Pandora FMS?
To fix CVE-2022-26310 in Pandora FMS, it is recommended to upgrade to a version above v7.0NG.760 or apply the necessary patches provided by the vendor.
Where can I find more information about CVE-2022-26310?
You can find more information about CVE-2022-26310 on the Pandora FMS website (https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/) and the Incibe website (https://www.incibe.es/en/cve-assignment-publication/coordinated-cves).

collector/nvd-index
vendor/pandorafms
product/pandora fms
canonical/pandorafms pandora fms

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.