cbcvebase.
CVE-2023-24518
published 2023-10-03

CVE-2023-24518: A Cross-site Request Forgery (CSRF) vulnerability in Pandora FMS allows an attacker to force authenticated users to send a request to a web application they…

PriorityP429high7.1CVSS 3.1
AVNACLPRNUIRSUCNIHAL
EPSS
0.21%
11.0th percentile
A Cross-site Request Forgery (CSRF) vulnerability in Pandora FMS allows an attacker to force authenticated users to send a request to a web application they are currently authenticated against. This issue affects Pandora FMS version 767 and earlier versions on all platforms.

Affected

2 ranges
VendorProductVersion rangeFixed in
artica_pfmspandora_fmsv0 – v767
pandorafmspandora_fms<= 767
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.