Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Monitoring_and_management
(Percona)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 2 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2023-06-06 | CVE-2023-34409 | In Percona Monitoring and Management (PMM) server 2.x before 2.37.1, the authenticate function in auth_server.go does not properly formalize and sanitize URL paths to reject path traversal attempts. This allows an unauthenticated remote user, when a crafted POST request is made against unauthenticated API routes, to access otherwise protected API routes leading to escalation of privileges and information disclosure. | Monitoring_and_management | 9.8 | ||
2020-02-06 | CVE-2020-7920 | pmm-server in Percona Monitoring and Management (PMM) 2.2.x before 2.2.1 allows unauthenticated denial of service. | Monitoring_and_management | 7.5 |