CVE-2023-44090

MEDIUM

Pandora FMS 700-<776 - SQL Injection in Grafana Module

Title source: llm
STIX 2.1

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pandora FMS on all allows CVE-2008-5817. This vulnerability allowed SQL changes to be made to several files in the Grafana module. This issue affects Pandora FMS: from 700 through <776.

References (1)

Core 1
Core References

Scores

CVSS v3 6.8
EPSS 0.0034
EPSS Percentile 25.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-89
Status published
Products (1)
artica/pandora_fms 700 - 776
Published Mar 19, 2024
Tracked Since Feb 18, 2026