Artica Pandora FMS Version 7.0 Path Disclosure Vulnerability

Artica Pandora FMS Version 7.0 Path Disclosure Vulnerability

CVE-2017-15937 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Artica Pandora FMS version 7.0 leaks a full installation pathname via GET data when intercepting the main page's graph requisition. This also implies that general OS information is leaked (e.g., a /var/www pathname typically means Linux or UNIX).

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.