First published: Mon Aug 01 2022(Updated: )
Credit: security@pandorafms.com
Affected Software | Affected Version | How to fix |
---|---|---|
Pandorafms Pandora Fms | <=7.0_ng_760 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-26310 is a vulnerability in Pandora FMS v7.0NG.760 and below that allows improper authorization in User Management, potentially enabling any authenticated user to create, modify, or delete any user with full admin privilege.
CVE-2022-26310 has a severity rating of 8.8 (high).
CVE-2022-26310 could lead to a vertical privilege escalation, allowing an authenticated user to gain access to administrative privileges and perform unauthorized actions in the User Management module.
To fix CVE-2022-26310 in Pandora FMS, it is recommended to upgrade to a version above v7.0NG.760 or apply the necessary patches provided by the vendor.
You can find more information about CVE-2022-26310 on the Pandora FMS website (https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/) and the Incibe website (https://www.incibe.es/en/cve-assignment-publication/coordinated-cves).