Pandora FMS Authentication Bypass Vulnerability via API Access

Vulnerability

A vulnerability allowing authentication bypass through API access has been identified in Pandora FMS versions 777 to 800. This issue arises from an insecure default initialization of resources, which can be exploited to bypass authentication mechanisms.

Impact

Exploitation of this vulnerability allows for authentication bypass, potentially leading to unauthorized access or actions within the application.

Added: May 12, 2026, 4:34 PM

Updated: May 12, 2026, 4:34 PM

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

5.0

exploitability

7.4

remediation

0.0

relevance

8.1

threat

0.0

urgency

5.7

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

5.0

exploitability

7.4

remediation

0.0

relevance

8.1

threat

0.0

urgency

5.7

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Pandora FMS Authentication Bypass Vulnerability via API Access

Vulnerability

Impact

Affected Products

Pandora FMS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating