Skip to main content

Monitoring And Management

2 CVEs product

Monthly

CVE-2023-34409 CRITICAL Act Now

In Percona Monitoring and Management (PMM) server 2.x before 2.37.1, the authenticate function in auth_server.go does not properly formalize and sanitize URL paths to reject path traversal attempts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Monitoring And Management
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2020-7920 HIGH PATCH This Week

pmm-server in Percona Monitoring and Management (PMM) 2.2.x before 2.2.1 allows unauthenticated denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Monitoring And Management
NVD
CVSS 3.1
7.5
EPSS
2.1%
EPSS 1% CVSS 9.8
CRITICAL Act Now

In Percona Monitoring and Management (PMM) server 2.x before 2.37.1, the authenticate function in auth_server.go does not properly formalize and sanitize URL paths to reject path traversal attempts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Monitoring And Management
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

pmm-server in Percona Monitoring and Management (PMM) 2.2.x before 2.2.1 allows unauthenticated denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Monitoring And Management
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy