All the vulnerabilities related to cacti - cacti
cve-2015-2665
Vulnerability from cvelistv5
| URL | Tags |
|---|---|
| http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183449.html | vendor-advisory, x_refsource_FEDORA |
| http://www.cacti.net/release_notes_0_8_8d.php | x_refsource_CONFIRM |
| http://www.securitytracker.com/id/1032672 | vdb-entry, x_refsource_SECTRACK |
| http://www.fortiguard.com/advisory/FG-VD-15-017/ | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183919.html | vendor-advisory, x_refsource_FEDORA |
| http://www.securityfocus.com/bid/75309 | vdb-entry, x_refsource_BID |
| http://www.debian.org/security/2015/dsa-3295 | vendor-advisory, x_refsource_DEBIAN |
| http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183454.html | vendor-advisory, x_refsource_FEDORA |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T05:24:38.087Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FEDORA-2016-a8e2be0fe6", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183449.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.cacti.net/release_notes_0_8_8d.php" }, { "name": "1032672", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1032672" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.fortiguard.com/advisory/FG-VD-15-017/" }, { "name": "FEDORA-2016-852a39e085", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183919.html" }, { "name": "75309", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/75309" }, { "name": "DSA-3295", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3295" }, { "name": "FEDORA-2016-4a5ce6a6c0", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183454.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-06-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-11-03T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FEDORA-2016-a8e2be0fe6", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183449.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.cacti.net/release_notes_0_8_8d.php" }, { "name": "1032672", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1032672" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.fortiguard.com/advisory/FG-VD-15-017/" }, { "name": "FEDORA-2016-852a39e085", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183919.html" }, { "name": "75309", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/75309" }, { "name": "DSA-3295", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3295" }, { "name": "FEDORA-2016-4a5ce6a6c0", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183454.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-2665", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FEDORA-2016-a8e2be0fe6", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183449.html" }, { "name": "http://www.cacti.net/release_notes_0_8_8d.php", "refsource": "CONFIRM", "url": "http://www.cacti.net/release_notes_0_8_8d.php" }, { "name": "1032672", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032672" }, { "name": "http://www.fortiguard.com/advisory/FG-VD-15-017/", "refsource": "MISC", "url": "http://www.fortiguard.com/advisory/FG-VD-15-017/" }, { "name": "FEDORA-2016-852a39e085", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183919.html" }, { "name": "75309", "refsource": "BID", "url": "http://www.securityfocus.com/bid/75309" }, { "name": "DSA-3295", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3295" }, { "name": "FEDORA-2016-4a5ce6a6c0", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183454.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-2665", "datePublished": "2015-06-17T18:00:00", "dateReserved": "2015-03-20T00:00:00", "dateUpdated": "2024-08-06T05:24:38.087Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39358
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:10:20.308Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-gj95-7xr8-9p7g", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-gj95-7xr8-9p7g" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "lessThan": "1.2.25", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-39358", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T19:08:55.694582Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T19:35:39.091Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.25" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. 
An authenticated SQL injection vulnerability was discovered which allows authenticated users to perform privilege escalation and remote code execution. The vulnerability resides in the `reports_user.php` file. In `ajax_get_branches`, the `tree_id` parameter is passed to the `reports_get_branch_select` function without any validation. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-05T21:00:32.426Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-gj95-7xr8-9p7g", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-gj95-7xr8-9p7g" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" } ], "source": { "advisory": "GHSA-gj95-7xr8-9p7g", "discovery": "UNKNOWN" }, "title": "Authenticated SQL injection vulnerability in 
reports_user.php in Cacti" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-39358", "datePublished": "2023-09-05T21:00:32.426Z", "dateReserved": "2023-07-28T13:26:46.480Z", "dateUpdated": "2024-09-26T19:35:39.091Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2008-0785
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T08:01:39.011Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FEDORA-2008-1737", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html" }, { "name": "29242", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29242" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432758" }, { "name": "3657", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/3657" }, { "name": "SUSE-SR:2008:005", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "name": "GLSA-200803-18", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200803-18.xml" }, { "name": "28872", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28872" }, { "name": "MDVSA-2008:052", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:052" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.cacti.net/release_notes_0_8_7b.php" }, { "name": "30045", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30045" }, { "name": "29274", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29274" }, { "name": "20080212 cacti -- Multiple security vulnerabilities have been discovered", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", 
"x_transferred" ], "url": "http://www.securityfocus.com/archive/1/488013/100/0/threaded" }, { "name": "ADV-2008-0540", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0540" }, { "name": "27749", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/27749" }, { "name": "DSA-1569", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2008/dsa-1569" }, { "name": "28976", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28976" }, { "name": "FEDORA-2008-1699", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html" }, { "name": "1019414", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1019414" }, { "name": "20080212 Cacti 0.8.7a Multiple Vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/488018/100/0/threaded" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2008-02-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the (1) graph_list parameter to graph_view.php, (2) leaf_id and id parameters to tree.php, (3) local_graph_id parameter to graph_xport.php, and (4) login_username parameter to index.php/login." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FEDORA-2008-1737", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html" }, { "name": "29242", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29242" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432758" }, { "name": "3657", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/3657" }, { "name": "SUSE-SR:2008:005", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "name": "GLSA-200803-18", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200803-18.xml" }, { "name": "28872", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28872" }, { "name": "MDVSA-2008:052", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:052" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.cacti.net/release_notes_0_8_7b.php" }, { "name": "30045", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30045" }, { "name": "29274", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29274" }, { "name": "20080212 cacti -- Multiple security vulnerabilities have been discovered", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/488013/100/0/threaded" }, { "name": "ADV-2008-0540", "tags": [ "vdb-entry", 
"x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0540" }, { "name": "27749", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/27749" }, { "name": "DSA-1569", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2008/dsa-1569" }, { "name": "28976", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28976" }, { "name": "FEDORA-2008-1699", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html" }, { "name": "1019414", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1019414" }, { "name": "20080212 Cacti 0.8.7a Multiple Vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/488018/100/0/threaded" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-0785", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the (1) graph_list parameter to graph_view.php, (2) leaf_id and id parameters to tree.php, (3) local_graph_id parameter to graph_xport.php, and (4) login_username parameter to index.php/login." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FEDORA-2008-1737", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html" }, { "name": "29242", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29242" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=432758", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432758" }, { "name": "3657", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3657" }, { "name": "SUSE-SR:2008:005", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "name": "GLSA-200803-18", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200803-18.xml" }, { "name": "28872", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28872" }, { "name": "MDVSA-2008:052", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:052" }, { "name": "http://www.cacti.net/release_notes_0_8_7b.php", "refsource": "CONFIRM", "url": "http://www.cacti.net/release_notes_0_8_7b.php" }, { "name": "30045", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30045" }, { "name": "29274", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29274" }, { "name": "20080212 cacti -- Multiple security vulnerabilities have been discovered", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/488013/100/0/threaded" }, { "name": "ADV-2008-0540", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0540" }, { "name": "27749", "refsource": "BID", "url": "http://www.securityfocus.com/bid/27749" }, { "name": "DSA-1569", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1569" }, { "name": "28976", "refsource": "SECUNIA", "url": 
"http://secunia.com/advisories/28976" }, { "name": "FEDORA-2008-1699", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html" }, { "name": "1019414", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1019414" }, { "name": "20080212 Cacti 0.8.7a Multiple Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/488018/100/0/threaded" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-0785", "datePublished": "2008-02-14T22:00:00", "dateReserved": "2008-02-14T00:00:00", "dateUpdated": "2024-08-07T08:01:39.011Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-31444
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "lessThan": "1.2.27", "status": "affected", "version": "-", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-31444", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-13T17:22:10.999271Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:36:57.403Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:52:56.953Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-p4ch-7hjw-6m87", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-p4ch-7hjw-6m87" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.27" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `automation_tree_rules_form_save()` function in `automation_tree_rules.php` is not thoroughly checked and is used to concatenate the HTML statement in `form_confirm()` function from `lib/html.php` , finally resulting in cross-site scripting. Version 1.2.27 contains a patch for the issue." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-13T15:03:58.385Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-p4ch-7hjw-6m87", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-p4ch-7hjw-6m87" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "source": { "advisory": "GHSA-p4ch-7hjw-6m87", "discovery": "UNKNOWN" }, "title": "Cacti XSS vulnerability in lib/html.php by reading dirty data stored in database" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-31444", "datePublished": "2024-05-13T15:03:58.385Z", "dateReserved": "2024-04-03T17:55:32.645Z", "dateUpdated": "2024-08-02T01:52:56.953Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2013-5589
Vulnerability from cvelistv5
| URL | Tags |
|---|---|
| http://secunia.com/advisories/54652 | third-party-advisory, x_refsource_SECUNIA |
| http://www.debian.org/security/2013/dsa-2747 | vendor-advisory, x_refsource_DEBIAN |
| http://bugs.cacti.net/view.php?id=2383 | x_refsource_CONFIRM |
| http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html | vendor-advisory, x_refsource_SUSE |
| http://www.securityfocus.com/bid/62005 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T17:15:21.449Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "54652", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/54652" }, { "name": "DSA-2747", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2013/dsa-2747" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.cacti.net/view.php?id=2383" }, { "name": "openSUSE-SU-2015:0479", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "name": "62005", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/62005" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2013-08-25T00:00:00", "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in cacti/host.php in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-29T18:57:01", "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian" }, "references": [ { "name": "54652", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/54652" }, { "name": "DSA-2747", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2013/dsa-2747" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.cacti.net/view.php?id=2383" }, { "name": "openSUSE-SU-2015:0479", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "name": "62005", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/62005" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@debian.org", "ID": "CVE-2013-5589", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SQL injection vulnerability in cacti/host.php in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "54652", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/54652" }, { "name": "DSA-2747", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2013/dsa-2747" }, { "name": "http://bugs.cacti.net/view.php?id=2383", "refsource": "CONFIRM", "url": "http://bugs.cacti.net/view.php?id=2383" }, { "name": "openSUSE-SU-2015:0479", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "name": "62005", "refsource": "BID", "url": "http://www.securityfocus.com/bid/62005" } ] } } } }, "cveMetadata": { "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "assignerShortName": "debian", "cveId": "CVE-2013-5589", "datePublished": "2013-08-29T10:00:00", "dateReserved": "2013-08-25T00:00:00", "dateUpdated": "2024-08-06T17:15:21.449Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2011-5223
Vulnerability from cvelistv5
| URL | Tags |
|---|---|
| http://bugs.cacti.net/view.php?id=2062 | x_refsource_CONFIRM |
| http://secunia.com/advisories/47195 | third-party-advisory, x_refsource_SECUNIA |
| http://forums.cacti.net/viewtopic.php?f=4&t=45871 | x_refsource_CONFIRM |
| http://forums.cacti.net/viewtopic.php?f=21&t=44116 | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/71792 | vdb-entry, x_refsource_XF |
| http://www.securityfocus.com/bid/51048 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T00:30:46.799Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.cacti.net/view.php?id=2062" }, { "name": "47195", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/47195" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://forums.cacti.net/viewtopic.php?f=4\u0026t=45871" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=44116" }, { "name": "cacti-logout-csrf(71792)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71792" }, { "name": "51048", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/51048" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2011-12-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in logout.php in Cacti before 0.8.7i allows remote attackers to hijack the authentication of unspecified victims via unknown vectors." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.cacti.net/view.php?id=2062" }, { "name": "47195", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/47195" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://forums.cacti.net/viewtopic.php?f=4\u0026t=45871" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=44116" }, { "name": "cacti-logout-csrf(71792)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71792" }, { "name": "51048", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/51048" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-5223", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-site request forgery (CSRF) vulnerability in logout.php in Cacti before 0.8.7i allows remote attackers to hijack the authentication of unspecified victims via unknown vectors." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://bugs.cacti.net/view.php?id=2062", "refsource": "CONFIRM", "url": "http://bugs.cacti.net/view.php?id=2062" }, { "name": "47195", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/47195" }, { "name": "http://forums.cacti.net/viewtopic.php?f=4\u0026t=45871", "refsource": "CONFIRM", "url": "http://forums.cacti.net/viewtopic.php?f=4\u0026t=45871" }, { "name": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=44116", "refsource": "CONFIRM", "url": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=44116" }, { "name": "cacti-logout-csrf(71792)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71792" }, { "name": "51048", "refsource": "BID", "url": "http://www.securityfocus.com/bid/51048" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-5223", "datePublished": "2012-10-25T17:00:00", "dateReserved": "2012-10-25T00:00:00", "dateUpdated": "2024-08-07T00:30:46.799Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-1000031
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-007/?fid=7789 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T21:53:06.211Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-007/?fid=7789" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "dateAssigned": "2017-05-06T00:00:00", "datePublic": "2017-07-13T00:00:00", "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in graph_templates_inputs.php in Cacti 0.8.8b allows remote attackers to execute arbitrary SQL commands via the graph_template_input_id and graph_template_id parameters." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-13T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-007/?fid=7789" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "DATE_ASSIGNED": "2017-05-06T20:43:28.280410", "ID": "CVE-2017-1000031", "REQUESTER": "pkarolak@trustwave.com", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SQL injection vulnerability in graph_templates_inputs.php in Cacti 0.8.8b allows remote attackers to execute arbitrary SQL commands via the graph_template_input_id and graph_template_id parameters." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-007/?fid=7789", "refsource": "MISC", "url": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-007/?fid=7789" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-1000031", "datePublished": "2017-07-13T20:00:00", "dateReserved": "2017-07-10T00:00:00", "dateUpdated": "2024-08-05T21:53:06.211Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2010-2092
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
http://www.cacti.net/changelog.php | x_refsource_CONFIRM | |
http://www.debian.org/security/2010/dsa-2060 | vendor-advisory, x_refsource_DEBIAN | |
http://secunia.com/advisories/41041 | third-party-advisory, x_refsource_SECUNIA | |
https://rhn.redhat.com/errata/RHSA-2010-0635.html | vendor-advisory, x_refsource_REDHAT | |
http://www.vupen.com/english/advisories/2010/2132 | vdb-entry, x_refsource_VUPEN | |
http://php-security.org/2010/05/13/mops-2010-023-cacti-graph-viewer-sql-injection-vulnerability/index.html | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T02:17:14.490Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.cacti.net/changelog.php" }, { "name": "DSA-2060", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2060" }, { "name": "41041", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/41041" }, { "name": "RHSA-2010:0635", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" }, { "name": "ADV-2010-2132", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://php-security.org/2010/05/13/mops-2010-023-cacti-graph-viewer-sql-injection-vulnerability/index.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-05-13T00:00:00", "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in graph.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via a crafted rra_id parameter in a GET request in conjunction with a valid rra_id value in a POST request or a cookie, which causes the POST or cookie value to bypass the validation routine, but inserts the $_GET value into the resulting query." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2010-06-17T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.cacti.net/changelog.php" }, { "name": "DSA-2060", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2060" }, { "name": "41041", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/41041" }, { "name": "RHSA-2010:0635", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" }, { "name": "ADV-2010-2132", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "tags": [ "x_refsource_MISC" ], "url": "http://php-security.org/2010/05/13/mops-2010-023-cacti-graph-viewer-sql-injection-vulnerability/index.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-2092", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SQL injection vulnerability in graph.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via a crafted rra_id parameter in a GET request in conjunction with a valid rra_id value in a POST request or a cookie, which causes the POST or cookie value to bypass the validation routine, but inserts the $_GET value into the resulting query." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.cacti.net/changelog.php", "refsource": "CONFIRM", "url": "http://www.cacti.net/changelog.php" }, { "name": "DSA-2060", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2010/dsa-2060" }, { "name": "41041", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/41041" }, { "name": "RHSA-2010:0635", "refsource": "REDHAT", "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" }, { "name": "ADV-2010-2132", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "name": "http://php-security.org/2010/05/13/mops-2010-023-cacti-graph-viewer-sql-injection-vulnerability/index.html", "refsource": "MISC", "url": "http://php-security.org/2010/05/13/mops-2010-023-cacti-graph-viewer-sql-injection-vulnerability/index.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-2092", "datePublished": "2010-05-27T22:00:00", "dateReserved": "2010-05-27T00:00:00", "dateUpdated": "2024-08-07T02:17:14.490Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-31460
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "lessThan": "1.2.27", "status": "affected", "version": "-", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-31460", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-13T17:23:51.598160Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:36:17.106Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:52:57.065Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r" }, { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.27" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. 
Prior to version 1.2.27, some of the data stored in `automation_tree_rules.php` is not thoroughly checked and is used to concatenate the SQL statement in `create_all_header_nodes()` function from `lib/api_automation.php` , finally resulting in SQL injection. Using SQL based secondary injection technology, attackers can modify the contents of the Cacti database, and based on the modified content, it may be possible to achieve further impact, such as arbitrary file reading, and even remote code execution through arbitrary file writing. Version 1.2.27 contains a patch for the issue." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-13T15:14:38.689Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r" }, { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "source": { "advisory": "GHSA-gj3f-p326-gh8r", "discovery": "UNKNOWN" }, "title": "Cacti SQL Injection 
vulnerability in lib/api_automation.php caused by reading dirty data stored in database" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-31460", "datePublished": "2024-05-13T15:14:38.689Z", "dateReserved": "2024-04-03T17:55:32.647Z", "dateUpdated": "2024-08-02T01:52:57.065Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2009-4032
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T06:45:50.905Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.cacti.net/download_patches.php" }, { "name": "20091126 Cacti 0.8.7e: Multiple security issues", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/508129/100/0/threaded" }, { "name": "20091125 Cacti 0.8.7e: Multiple security issues", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-11/0292.html" }, { "name": "FEDORA-2009-12575", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01390.html" }, { "name": "38087", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/38087" }, { "name": "JVN#09758120", "tags": [ "third-party-advisory", "x_refsource_JVN", "x_transferred" ], "url": "http://jvn.jp/en/jp/JVN09758120/index.html" }, { "name": "cacti-name-xss(54388)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54388" }, { "name": "41041", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/41041" }, { "name": "JVNDB-2009-003901", "tags": [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred" ], "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-003901.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://docs.cacti.net/#cross-site_scripting_fixes" }, { "name": "RHSA-2010:0635", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" }, { "name": "[oss-security] 20091125 CVE 
Request - Cacti - 0.8.7e", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2009/11/25/2" }, { "name": "[oss-security] 20091130 Re: CVE Request - Cacti - 0.8.7e", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2009/11/30/2" }, { "name": "37481", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37481" }, { "name": "[oss-security] 20091125 Re: CVE Request - Cacti - 0.8.7e", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2009/11/25/4" }, { "name": "[oss-security] 20091126 Re: CVE Request - Cacti - 0.8.7e", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2009/11/26/1" }, { "name": "37109", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/37109" }, { "name": "ADV-2009-3325", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/3325" }, { "name": "ADV-2010-2132", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "name": "37934", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37934" }, { "name": "60483", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/60483" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=294573" }, { "name": "FEDORA-2009-12560", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00166.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": 
"http://www.cacti.net/downloads/patches/0.8.7e/cross_site_fix.patch" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-11-25T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7e allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) graph.php, (2) include/top_graph_header.php, (3) lib/html_form.php, and (4) lib/timespan_settings.php, as demonstrated by the (a) graph_end or (b) graph_start parameters to graph.php; (c) the date1 parameter in a tree action to graph_view.php; and the (d) page_refresh and (e) default_dual_pane_width parameters to graph_settings.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-10T18:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.cacti.net/download_patches.php" }, { "name": "20091126 Cacti 0.8.7e: Multiple security issues", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/508129/100/0/threaded" }, { "name": "20091125 Cacti 0.8.7e: Multiple security issues", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-11/0292.html" }, { "name": "FEDORA-2009-12575", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01390.html" }, { "name": "38087", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/38087" }, { "name": "JVN#09758120", "tags": [ "third-party-advisory", "x_refsource_JVN" ], "url": "http://jvn.jp/en/jp/JVN09758120/index.html" }, { "name": 
"cacti-name-xss(54388)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54388" }, { "name": "41041", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/41041" }, { "name": "JVNDB-2009-003901", "tags": [ "third-party-advisory", "x_refsource_JVNDB" ], "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-003901.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://docs.cacti.net/#cross-site_scripting_fixes" }, { "name": "RHSA-2010:0635", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" }, { "name": "[oss-security] 20091125 CVE Request - Cacti - 0.8.7e", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2009/11/25/2" }, { "name": "[oss-security] 20091130 Re: CVE Request - Cacti - 0.8.7e", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2009/11/30/2" }, { "name": "37481", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37481" }, { "name": "[oss-security] 20091125 Re: CVE Request - Cacti - 0.8.7e", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2009/11/25/4" }, { "name": "[oss-security] 20091126 Re: CVE Request - Cacti - 0.8.7e", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2009/11/26/1" }, { "name": "37109", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/37109" }, { "name": "ADV-2009-3325", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/3325" }, { "name": "ADV-2010-2132", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "name": "37934", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], 
"url": "http://secunia.com/advisories/37934" }, { "name": "60483", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/60483" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=294573" }, { "name": "FEDORA-2009-12560", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00166.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.cacti.net/downloads/patches/0.8.7e/cross_site_fix.patch" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2009-4032", "datePublished": "2009-11-27T19:00:00", "dateReserved": "2009-11-20T00:00:00", "dateUpdated": "2024-08-07T06:45:50.905Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-43363
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
https://github.com/Cacti/cacti/security/advisories/GHSA-gxq4-mv8h-6qj4 | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "lessThan": "1.2.28", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-43363", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-08T14:21:20.835700Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-08T14:22:10.398Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.28" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open source performance and fault management framework. An admin user can create a device with a malicious hostname containing php code and repeat the installation process (completing only step 5 of the installation process is enough, no need to complete the steps before or after it) to use a php file as the cacti log file. After having the malicious hostname end up in the logs (log poisoning), one can simply go to the log file url to execute commands to achieve RCE. This issue has been addressed in version 1.2.28 and all users are advised to upgrade. There are no known workarounds for this vulnerability." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-94", "description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-07T20:40:39.173Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-gxq4-mv8h-6qj4", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-gxq4-mv8h-6qj4" } ], "source": { "advisory": "GHSA-gxq4-mv8h-6qj4", "discovery": "UNKNOWN" }, "title": "Remote code execution via Log Poisoning in Cacti" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-43363", "datePublished": "2024-10-07T20:40:39.173Z", "dateReserved": "2024-08-09T14:23:55.512Z", "dateUpdated": "2024-10-08T14:22:10.398Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-25706
Vulnerability from cvelistv5
Vendor | Product | Version |
---|---|---|
The Cacti Group, Inc. | cacti | 1.2.13 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T15:40:36.597Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/3723" }, { "tags": [ "x_transferred" ], "url": "https://github.com/Cacti/cacti/commit/39458efcd5286d50e6b7f905fedcdc1059354e6e" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25706" }, { "name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3252-1] cacti security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "The Cacti Group, Inc.", "versions": [ { "status": "affected", "version": "1.2.13" } ] } ], "descriptions": [ { "lang": "en", "value": "A cross-site scripting (XSS) vulnerability exists in templates_import.php (Cacti 1.2.13) due to Improper escaping of error message during template import preview in the xml_path field" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-31T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://github.com/Cacti/cacti/issues/3723" }, { "url": "https://github.com/Cacti/cacti/commit/39458efcd5286d50e6b7f905fedcdc1059354e6e" }, { "url": 
"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25706" }, { "name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3252-1] cacti security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-25706", "datePublished": "2020-11-12T00:00:00", "dateReserved": "2020-09-16T00:00:00", "dateUpdated": "2024-08-04T15:40:36.597Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-12066
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
https://cacti.net/release_notes.php?version=1.1.16 | x_refsource_CONFIRM | |
https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e | x_refsource_CONFIRM | |
https://github.com/Cacti/cacti/issues/877 | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T18:28:15.052Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cacti.net/release_notes.php?version=1.1.16" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/877" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-07-31T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in Cacti before 1.1.16 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the $cancel_url variable. NOTE: this vulnerability exists because of an incomplete fix (lack of the htmlspecialchars ENT_QUOTES flag) for CVE-2017-11163." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-01T04:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cacti.net/release_notes.php?version=1.1.16" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/issues/877" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-12066", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in Cacti before 1.1.16 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the $cancel_url variable. NOTE: this vulnerability exists because of an incomplete fix (lack of the htmlspecialchars ENT_QUOTES flag) for CVE-2017-11163." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://cacti.net/release_notes.php?version=1.1.16", "refsource": "CONFIRM", "url": "https://cacti.net/release_notes.php?version=1.1.16" }, { "name": "https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e", "refsource": "CONFIRM", "url": "https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e" }, { "name": "https://github.com/Cacti/cacti/issues/877", "refsource": "CONFIRM", "url": "https://github.com/Cacti/cacti/issues/877" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-12066", "datePublished": "2017-08-01T05:00:00", "dateReserved": "2017-07-31T00:00:00", "dateUpdated": "2024-08-05T18:28:15.052Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-10061
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
https://github.com/Cacti/cacti/issues/1457 | x_refsource_MISC | |
https://www.cacti.net/changelog.php | x_refsource_MISC | |
http://www.securitytracker.com/id/1040620 | vdb-entry, x_refsource_SECTRACK | |
https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html | mailing-list, x_refsource_MLIST |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T07:32:00.970Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/1457" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.cacti.net/changelog.php" }, { "name": "1040620", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1040620" }, { "name": "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-04-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Cacti before 1.1.37 has XSS because it makes certain htmlspecialchars calls without the ENT_QUOTES flag (these calls occur when the html_escape function in lib/html.php is not used)." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-29T23:06:10", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/issues/1457" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.cacti.net/changelog.php" }, { "name": "1040620", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1040620" }, { "name": "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-10061", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cacti before 1.1.37 has XSS because it makes certain htmlspecialchars calls without the ENT_QUOTES flag (these calls occur when the html_escape function in lib/html.php is not used)." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Cacti/cacti/issues/1457", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/issues/1457" }, { "name": "https://www.cacti.net/changelog.php", "refsource": "MISC", "url": "https://www.cacti.net/changelog.php" }, { "name": "1040620", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040620" }, { "name": "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-10061", "datePublished": "2018-04-12T16:00:00", "dateReserved": "2018-04-12T00:00:00", "dateUpdated": "2024-08-05T07:32:00.970Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2010-1645
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
http://svn.cacti.net/viewvc?view=rev&revision=5778 | x_refsource_CONFIRM | |
http://www.mandriva.com/security/advisories?name=MDVSA-2010:160 | vendor-advisory, x_refsource_MANDRIVA | |
http://secunia.com/advisories/41041 | third-party-advisory, x_refsource_SECUNIA | |
http://www.cacti.net/release_notes_0_8_7f.php | x_refsource_CONFIRM | |
https://rhn.redhat.com/errata/RHSA-2010-0635.html | vendor-advisory, x_refsource_REDHAT | |
http://www.bonsai-sec.com/en/research/vulnerabilities/cacti-os-command-injection-0105.php | x_refsource_MISC | |
http://www.vupen.com/english/advisories/2010/2132 | vdb-entry, x_refsource_VUPEN | |
http://svn.cacti.net/viewvc?view=rev&revision=5782 | x_refsource_CONFIRM | |
https://bugzilla.redhat.com/show_bug.cgi?id=609115 | x_refsource_CONFIRM | |
http://svn.cacti.net/viewvc?view=rev&revision=5784 | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T01:28:42.370Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=5778" }, { "name": "MDVSA-2010:160", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160" }, { "name": "41041", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/41041" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.cacti.net/release_notes_0_8_7f.php" }, { "name": "RHSA-2010:0635", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.bonsai-sec.com/en/research/vulnerabilities/cacti-os-command-injection-0105.php" }, { "name": "ADV-2010-2132", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=5782" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=609115" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=5784" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-04-21T00:00:00", "descriptions": [ { "lang": "en", "value": "Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote authenticated administrators to execute arbitrary commands via shell 
metacharacters in (1) the FQDN field of a Device or (2) the Vertical Label field of a Graph Template." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2012-02-16T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=5778" }, { "name": "MDVSA-2010:160", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160" }, { "name": "41041", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/41041" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.cacti.net/release_notes_0_8_7f.php" }, { "name": "RHSA-2010:0635", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.bonsai-sec.com/en/research/vulnerabilities/cacti-os-command-injection-0105.php" }, { "name": "ADV-2010-2132", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=5782" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=609115" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=5784" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-1645", "datePublished": "2010-08-23T20:00:00", "dateReserved": "2010-04-29T00:00:00", "dateUpdated": "2024-08-07T01:28:42.370Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39359
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:10:20.262Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-q4wh-3f9w-836h", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-q4wh-3f9w-836h" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5550" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "lessThan": "1.2.25", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-39359", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T19:20:26.072271Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T19:39:20.387Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.25" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management 
framework. An authenticated SQL injection vulnerability was discovered which allows authenticated users to perform privilege escalation and remote code execution. The vulnerability resides in the `graphs.php` file. When dealing with the cases of ajax_hosts and ajax_hosts_noany, if the `site_id` parameter is greater than 0, it is directly reflected in the WHERE clause of the SQL statement. This creates an SQL injection vulnerability. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-05T20:59:37.881Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-q4wh-3f9w-836h", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-q4wh-3f9w-836h" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "url": 
"https://www.debian.org/security/2023/dsa-5550" } ], "source": { "advisory": "GHSA-q4wh-3f9w-836h", "discovery": "UNKNOWN" }, "title": "Authenticated SQL injection vulnerability in graphs.php in Cacti" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-39359", "datePublished": "2023-09-05T20:59:37.881Z", "dateReserved": "2023-07-28T13:26:46.480Z", "dateUpdated": "2024-09-26T19:39:20.387Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-20724
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
https://github.com/Cacti/cacti/issues/2212 | x_refsource_MISC | |
https://github.com/Cacti/cacti/blob/develop/CHANGELOG | x_refsource_MISC | |
https://github.com/Cacti/cacti/commit/1f42478506d83d188f68ce5ff41728a7bd159f53 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T12:12:28.189Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/2212" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/commit/1f42478506d83d188f68ce5ff41728a7bd159f53" }, { "name": "openSUSE-SU-2020:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "openSUSE-SU-2020:0558", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2019-01-16T00:00:00", "descriptions": [ { "lang": "en", "value": "A cross-site scripting (XSS) vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-30T20:06:09", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/issues/2212" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/commit/1f42478506d83d188f68ce5ff41728a7bd159f53" }, { "name": "openSUSE-SU-2020:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "openSUSE-SU-2020:0558", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20724", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A cross-site scripting (XSS) vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Cacti/cacti/issues/2212", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/issues/2212" }, { "name": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "name": "https://github.com/Cacti/cacti/commit/1f42478506d83d188f68ce5ff41728a7bd159f53", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/commit/1f42478506d83d188f68ce5ff41728a7bd159f53" }, { "name": "openSUSE-SU-2020:0272", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "openSUSE-SU-2020:0558", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-20724", "datePublished": "2019-01-16T16:00:00", "dateReserved": "2019-01-16T00:00:00", "dateUpdated": "2024-08-05T12:12:28.189Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-2967
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
http://www.cacti.net/release_notes_0_8_8d.php | x_refsource_CONFIRM | |
http://www.securitytracker.com/id/1032672 | vdb-entry, x_refsource_SECTRACK | |
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000094 | third-party-advisory, x_refsource_JVNDB | |
https://security.gentoo.org/glsa/201509-03 | vendor-advisory, x_refsource_GENTOO | |
http://jvn.jp/en/jp/JVN78187936/index.html | third-party-advisory, x_refsource_JVN |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T05:32:21.055Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.cacti.net/release_notes_0_8_8d.php" }, { "name": "1032672", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1032672" }, { "name": "JVNDB-2015-000094", "tags": [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred" ], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000094" }, { "name": "GLSA-201509-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201509-03" }, { "name": "JVN#78187936", "tags": [ "third-party-advisory", "x_refsource_JVN", "x_transferred" ], "url": "http://jvn.jp/en/jp/JVN78187936/index.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-07-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in settings.php in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-20T16:57:01", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.cacti.net/release_notes_0_8_8d.php" }, { "name": "1032672", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1032672" }, { "name": "JVNDB-2015-000094", "tags": [ "third-party-advisory", "x_refsource_JVNDB" ], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000094" }, { "name": "GLSA-201509-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201509-03" }, { "name": "JVN#78187936", "tags": [ "third-party-advisory", "x_refsource_JVN" ], "url": "http://jvn.jp/en/jp/JVN78187936/index.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "vultures@jpcert.or.jp", "ID": "CVE-2015-2967", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in settings.php in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.cacti.net/release_notes_0_8_8d.php", "refsource": "CONFIRM", "url": "http://www.cacti.net/release_notes_0_8_8d.php" }, { "name": "1032672", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032672" }, { "name": "JVNDB-2015-000094", "refsource": "JVNDB", "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000094" }, { "name": "GLSA-201509-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201509-03" }, { "name": "JVN#78187936", "refsource": "JVN", "url": "http://jvn.jp/en/jp/JVN78187936/index.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2015-2967", "datePublished": "2015-07-10T15:00:00", "dateReserved": "2015-04-07T00:00:00", "dateUpdated": "2024-08-06T05:32:21.055Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-0916
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
http://www.cacti.net/release_notes_0_8_6f.php | x_refsource_MISC | |
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000064 | third-party-advisory, x_refsource_JVNDB | |
http://jvn.jp/en/jp/JVN18957556/index.html | third-party-advisory, x_refsource_JVN |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T04:26:11.398Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.cacti.net/release_notes_0_8_6f.php" }, { "name": "JVNDB-2015-000064", "tags": [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred" ], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000064" }, { "name": "JVN#18957556", "tags": [ "third-party-advisory", "x_refsource_JVN", "x_transferred" ], "url": "http://jvn.jp/en/jp/JVN18957556/index.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-05-14T00:00:00", "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in graph.php in Cacti before 0.8.6f allows remote authenticated users to execute arbitrary SQL commands via the local_graph_id parameter, a different vulnerability than CVE-2007-6035." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2015-05-22T00:57:01", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.cacti.net/release_notes_0_8_6f.php" }, { "name": "JVNDB-2015-000064", "tags": [ "third-party-advisory", "x_refsource_JVNDB" ], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000064" }, { "name": "JVN#18957556", "tags": [ "third-party-advisory", "x_refsource_JVN" ], "url": "http://jvn.jp/en/jp/JVN18957556/index.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "vultures@jpcert.or.jp", "ID": "CVE-2015-0916", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SQL injection vulnerability in graph.php in Cacti before 0.8.6f allows remote authenticated users to execute arbitrary SQL commands via the local_graph_id parameter, a different vulnerability than CVE-2007-6035." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.cacti.net/release_notes_0_8_6f.php", "refsource": "MISC", "url": "http://www.cacti.net/release_notes_0_8_6f.php" }, { "name": "JVNDB-2015-000064", "refsource": "JVNDB", "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000064" }, { "name": "JVN#18957556", "refsource": "JVN", "url": "http://jvn.jp/en/jp/JVN18957556/index.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2015-0916", "datePublished": "2015-05-22T00:00:00", "dateReserved": "2015-01-08T00:00:00", "dateUpdated": "2024-08-06T04:26:11.398Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-14295
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
https://github.com/Cacti/cacti/issues/3622 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKM5G3YNSZDHDZMPCMAHG5B5M2V4XYSE/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W64CIB6L4HZRVQSWKPDDKXJO4J2XTOXD/ | vendor-advisory, x_refsource_FEDORA | |
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/202007-03 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html | vendor-advisory, x_refsource_SUSE | |
http://packetstormsecurity.com/files/162384/Cacti-1.2.12-SQL-Injection-Remote-Code-Execution.html | x_refsource_MISC | |
http://packetstormsecurity.com/files/162918/Cacti-1.2.12-SQL-Injection-Remote-Command-Execution.html | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T12:39:36.215Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/3622" }, { "name": "FEDORA-2020-8a15713da2", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKM5G3YNSZDHDZMPCMAHG5B5M2V4XYSE/" }, { "name": "FEDORA-2020-7dddce530c", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W64CIB6L4HZRVQSWKPDDKXJO4J2XTOXD/" }, { "name": "openSUSE-SU-2020:1060", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html" }, { "name": "GLSA-202007-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202007-03" }, { "name": "openSUSE-SU-2020:1106", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/162384/Cacti-1.2.12-SQL-Injection-Remote-Code-Execution.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/162918/Cacti-1.2.12-SQL-Injection-Remote-Command-Execution.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. 
This can lead to remote command execution because the product accepts stacked queries." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-02T15:06:12", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/issues/3622" }, { "name": "FEDORA-2020-8a15713da2", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKM5G3YNSZDHDZMPCMAHG5B5M2V4XYSE/" }, { "name": "FEDORA-2020-7dddce530c", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W64CIB6L4HZRVQSWKPDDKXJO4J2XTOXD/" }, { "name": "openSUSE-SU-2020:1060", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html" }, { "name": "GLSA-202007-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202007-03" }, { "name": "openSUSE-SU-2020:1106", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/162384/Cacti-1.2.12-SQL-Injection-Remote-Code-Execution.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/162918/Cacti-1.2.12-SQL-Injection-Remote-Command-Execution.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-14295", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": 
"MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead to remote command execution because the product accepts stacked queries." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Cacti/cacti/issues/3622", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/issues/3622" }, { "name": "FEDORA-2020-8a15713da2", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKM5G3YNSZDHDZMPCMAHG5B5M2V4XYSE/" }, { "name": "FEDORA-2020-7dddce530c", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W64CIB6L4HZRVQSWKPDDKXJO4J2XTOXD/" }, { "name": "openSUSE-SU-2020:1060", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html" }, { "name": "GLSA-202007-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202007-03" }, { "name": "openSUSE-SU-2020:1106", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html" }, { "name": "http://packetstormsecurity.com/files/162384/Cacti-1.2.12-SQL-Injection-Remote-Code-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/162384/Cacti-1.2.12-SQL-Injection-Remote-Code-Execution.html" }, { "name": "http://packetstormsecurity.com/files/162918/Cacti-1.2.12-SQL-Injection-Remote-Command-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/162918/Cacti-1.2.12-SQL-Injection-Remote-Command-Execution.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": 
"CVE-2020-14295", "datePublished": "2020-06-17T13:47:36", "dateReserved": "2020-06-17T00:00:00", "dateUpdated": "2024-08-04T12:39:36.215Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-48538
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:17:55.309Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://docs.cacti.net/Settings-Auth-LDAP.md" }, { "tags": [ "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/5189" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-48538", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-03T14:17:25.400293Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-03T14:17:32.307Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In Cacti 1.2.19, there is an authentication bypass in the web login functionality because of improper validation in the PHP code: cacti_ldap_auth() allows a zero as the password." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-22T15:45:21.270771", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://docs.cacti.net/Settings-Auth-LDAP.md" }, { "url": "https://github.com/Cacti/cacti/issues/5189" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-48538", "datePublished": "2023-08-22T00:00:00", "dateReserved": "2023-07-23T00:00:00", "dateUpdated": "2024-10-03T14:17:32.307Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2010-1644
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
http://www.vupen.com/english/advisories/2010/1203 | vdb-entry, x_refsource_VUPEN | |
http://www.mandriva.com/security/advisories?name=MDVSA-2010:160 | vendor-advisory, x_refsource_MANDRIVA | |
https://bugzilla.redhat.com/show_bug.cgi?id=609093 | x_refsource_CONFIRM | |
http://secunia.com/advisories/41041 | third-party-advisory, x_refsource_SECUNIA | |
http://www.cacti.net/release_notes_0_8_7f.php | x_refsource_CONFIRM | |
https://rhn.redhat.com/errata/RHSA-2010-0635.html | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/archive/1/511393 | mailing-list, x_refsource_BUGTRAQ | |
http://www.vupen.com/english/advisories/2010/2132 | vdb-entry, x_refsource_VUPEN | |
http://www.securityfocus.com/bid/40332 | vdb-entry, x_refsource_BID | |
http://svn.cacti.net/viewvc?view=rev&revision=5901 | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T01:28:41.550Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ADV-2010-1203", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/1203" }, { "name": "MDVSA-2010:160", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=609093" }, { "name": "41041", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/41041" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.cacti.net/release_notes_0_8_7f.php" }, { "name": "RHSA-2010:0635", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" }, { "name": "20100521 Cacti Multiple Parameter Cross Site Scripting Vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/511393" }, { "name": "ADV-2010-2132", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "name": "40332", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/40332" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=5901" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-05-21T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7f, as used in Red Hat 
High Performance Computing (HPC) Solution and other products, allow remote attackers to inject arbitrary web script or HTML via the (1) hostname or (2) description parameter to host.php, or (3) the host_id parameter to data_sources.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2012-02-16T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "ADV-2010-1203", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/1203" }, { "name": "MDVSA-2010:160", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=609093" }, { "name": "41041", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/41041" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.cacti.net/release_notes_0_8_7f.php" }, { "name": "RHSA-2010:0635", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" }, { "name": "20100521 Cacti Multiple Parameter Cross Site Scripting Vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/511393" }, { "name": "ADV-2010-2132", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "name": "40332", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/40332" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=5901" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-1644", "datePublished": "2010-08-23T20:00:00", "dateReserved": 
"2010-04-29T00:00:00", "dateUpdated": "2024-08-07T01:28:41.550Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-20725
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d | x_refsource_MISC | |
https://github.com/Cacti/cacti/blob/develop/CHANGELOG | x_refsource_MISC | |
https://github.com/Cacti/cacti/issues/2214 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T12:12:27.390Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/2214" }, { "name": "openSUSE-SU-2020:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "openSUSE-SU-2020:0558", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2019-01-16T00:00:00", "descriptions": [ { "lang": "en", "value": "A cross-site scripting (XSS) vulnerability exists in graph_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Graph Vertical Label." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-30T20:06:04", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/issues/2214" }, { "name": "openSUSE-SU-2020:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "openSUSE-SU-2020:0558", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20725", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A cross-site scripting (XSS) vulnerability exists in graph_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Graph Vertical Label." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d" }, { "name": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "name": "https://github.com/Cacti/cacti/issues/2214", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/issues/2214" }, { "name": "openSUSE-SU-2020:0272", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "openSUSE-SU-2020:0558", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-20725", "datePublished": "2019-01-16T16:00:00", "dateReserved": "2019-01-16T00:00:00", "dateUpdated": "2024-08-05T12:12:27.390Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-30534
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:28:51.593Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-77rf-774j-6h3p", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-77rf-774j-6h3p" }, { "tags": [ "x_transferred" ], "url": "https://www.fastly.com/blog/cve-2023-30534-insecure-deserialization-in-cacti-prior-to-1-2-25" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "lessThan": "1.2.25", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-30534", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T19:08:26.467084Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T19:31:41.143Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.25" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open 
source operational monitoring and fault management framework. There are two instances of insecure deserialization in Cacti version 1.2.24. While a viable gadget chain exists in Cacti\u2019s vendor directory (phpseclib), the necessary gadgets are not included, making them inaccessible and the insecure deserializations not exploitable. Each instance of insecure deserialization is due to using the unserialize function without sanitizing the user input. Cacti has a \u201csafe\u201d deserialization that attempts to sanitize the content and check for specific values before calling unserialize, but it isn\u2019t used in these instances. The vulnerable code lies in graphs_new.php, specifically within the host_new_graphs_save function. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-502", "description": "CWE-502: Deserialization of Untrusted Data", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-05T21:21:30.257Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-77rf-774j-6h3p", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-77rf-774j-6h3p" }, { "url": "https://www.fastly.com/blog/cve-2023-30534-insecure-deserialization-in-cacti-prior-to-1-2-25" }, { "url": 
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" } ], "source": { "advisory": "GHSA-77rf-774j-6h3p", "discovery": "UNKNOWN" }, "title": "Insecure Deserialization in Cacti" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-30534", "datePublished": "2023-09-05T21:21:30.257Z", "dateReserved": "2023-04-12T15:19:33.765Z", "dateUpdated": "2024-09-26T19:31:41.143Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39361
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:10:20.289Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-6r43-q2fw-5wrg", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-6r43-q2fw-5wrg" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5550" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.25" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graph_view.php. Since guest users can access graph_view.php without authentication by default, if guest users are being utilized in an enabled state, there could be the potential for significant damage. Attackers may exploit this vulnerability, and there may be possibilities for actions such as the usurpation of administrative privileges or remote code execution. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-05T20:58:00.188Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-6r43-q2fw-5wrg", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-6r43-q2fw-5wrg" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "url": "https://www.debian.org/security/2023/dsa-5550" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" } ], "source": { "advisory": "GHSA-6r43-q2fw-5wrg", "discovery": "UNKNOWN" }, "title": "Unauthenticated SQL Injection in graph_view.php in Cacti" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-39361", "datePublished": "2023-09-05T20:58:00.188Z", "dateReserved": "2023-07-28T13:26:46.480Z", "dateUpdated": "2024-08-02T18:10:20.289Z", "state": "PUBLISHED" }, "dataType": 
"CVE_RECORD", "dataVersion": "5.1" }
cve-2020-7106
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T09:18:03.119Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/3191" }, { "name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2069-1] cacti security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00014.html" }, { "name": "FEDORA-2020-0fc6dd0fd2", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SUSOTOIEJKD2IWJHN7TY56TDZJQZJUVJ/" }, { "name": "FEDORA-2020-90f1c8229e", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XLZAMGTW2OSIBLYLXWHQBGWP7M4DTRS7/" }, { "name": "openSUSE-SU-2020:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "GLSA-202003-40", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202003-40" }, { "name": "openSUSE-SU-2020:0558", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "name": "openSUSE-SU-2020:0654", "tags": [ "vendor-advisory", 
"x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00032.html" }, { "name": "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $header to trigger the XSS)." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-29T23:06:12", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/issues/3191" }, { "name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2069-1] cacti security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00014.html" }, { "name": "FEDORA-2020-0fc6dd0fd2", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SUSOTOIEJKD2IWJHN7TY56TDZJQZJUVJ/" }, { "name": "FEDORA-2020-90f1c8229e", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XLZAMGTW2OSIBLYLXWHQBGWP7M4DTRS7/" }, { "name": "openSUSE-SU-2020:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], 
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "GLSA-202003-40", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202003-40" }, { "name": "openSUSE-SU-2020:0558", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "name": "openSUSE-SU-2020:0654", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00032.html" }, { "name": "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-7106", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $header to trigger the XSS)." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Cacti/cacti/issues/3191", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/issues/3191" }, { "name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2069-1] cacti security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00014.html" }, { "name": "FEDORA-2020-0fc6dd0fd2", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUSOTOIEJKD2IWJHN7TY56TDZJQZJUVJ/" }, { "name": "FEDORA-2020-90f1c8229e", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XLZAMGTW2OSIBLYLXWHQBGWP7M4DTRS7/" }, { "name": "openSUSE-SU-2020:0272", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "GLSA-202003-40", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202003-40" }, { "name": "openSUSE-SU-2020:0558", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "name": "openSUSE-SU-2020:0654", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00032.html" }, { "name": "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", 
"cveId": "CVE-2020-7106", "datePublished": "2020-01-16T03:55:12", "dateReserved": "2020-01-16T00:00:00", "dateUpdated": "2024-08-04T09:18:03.119Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-1000032
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-007/ | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T21:53:06.339Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-007/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "dateAssigned": "2017-05-06T00:00:00", "datePublic": "2017-07-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-Site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the parent_id parameter to tree.php and drp_action parameter to data_sources.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-13T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-007/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "DATE_ASSIGNED": "2017-05-06T20:43:28.281211", "ID": "CVE-2017-1000032", "REQUESTER": "pkarolak@trustwave.com", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-Site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the parent_id parameter to tree.php and drp_action parameter to data_sources.php." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-007/", "refsource": "MISC", "url": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-007/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-1000032", "datePublished": "2017-07-13T20:00:00", "dateReserved": "2017-07-10T00:00:00", "dateUpdated": "2024-08-05T21:53:06.339Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-11691
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/Cacti/cacti/commit/104090aeead4aa433bf1f18cd6d52dcfeb71236c | x_refsource_CONFIRM | |
https://github.com/Cacti/cacti/issues/867 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/100022 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1038982 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T18:19:38.419Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/commit/104090aeead4aa433bf1f18cd6d52dcfeb71236c" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/867" }, { "name": "100022", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/100022" }, { "name": "1038982", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038982" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-07-27T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in auth_profile.php in Cacti 1.1.13 allows remote attackers to inject arbitrary web script or HTML via specially crafted HTTP Referer headers." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-01T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/commit/104090aeead4aa433bf1f18cd6d52dcfeb71236c" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/issues/867" }, { "name": "100022", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/100022" }, { "name": "1038982", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038982" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-11691", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in auth_profile.php in Cacti 1.1.13 allows remote attackers to inject arbitrary web script or HTML via specially crafted HTTP Referer headers." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Cacti/cacti/commit/104090aeead4aa433bf1f18cd6d52dcfeb71236c", "refsource": "CONFIRM", "url": "https://github.com/Cacti/cacti/commit/104090aeead4aa433bf1f18cd6d52dcfeb71236c" }, { "name": "https://github.com/Cacti/cacti/issues/867", "refsource": "CONFIRM", "url": "https://github.com/Cacti/cacti/issues/867" }, { "name": "100022", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100022" }, { "name": "1038982", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038982" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-11691", "datePublished": "2017-07-27T06:00:00", "dateReserved": "2017-07-27T00:00:00", "dateUpdated": "2024-08-05T18:19:38.419Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39511
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:10:21.194Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-5hpr-4hhc-8q42", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-5hpr-4hhc-8q42" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-39511", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T20:03:12.379547Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T20:06:27.728Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.25" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_\u0027s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim\u0027s browser at view-time. 
The script under `reports_admin.php` displays reporting information about graphs, devices, data sources etc. _CENSUS_ found that an adversary that is able to configure a malicious device name, related to a graph attached to a report, can deploy a stored XSS attack against any super user who has privileges of viewing the `reports_admin.php` page, such as administrative accounts. A user that possesses the _General Administration\u003eSites/Devices/Data_ permissions can configure the device names in _cacti_. This configuration occurs through `http://\u003cHOST\u003e/cacti/host.php`, while the rendered malicious payload is exhibited at `http://\u003cHOST\u003e/cacti/reports_admin.php` when a graph with the maliciously altered device name is linked to the report. This issue has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to upgrade should manually filter HTML output.\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-06T17:40:13.579Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-5hpr-4hhc-8q42", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-5hpr-4hhc-8q42" }, { "url": 
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" } ], "source": { "advisory": "GHSA-5hpr-4hhc-8q42", "discovery": "UNKNOWN" }, "title": "Stored Cross-Site-Scripting on reports_admin.php device name in Cacti" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-39511", "datePublished": "2023-09-06T17:40:13.579Z", "dateReserved": "2023-08-03T16:27:36.260Z", "dateUpdated": "2024-09-26T20:06:27.728Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2009-4112
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/archive/1/508129/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
http://archives.neohapsis.com/archives/fulldisclosure/2009-11/0292.html | mailing-list, x_refsource_FULLDISC | |
http://www.openwall.com/lists/oss-security/2009/11/30/2 | mailing-list, x_refsource_MLIST | |
http://www.openwall.com/lists/oss-security/2009/11/26/1 | mailing-list, x_refsource_MLIST | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/54473 | vdb-entry, x_refsource_XF | |
http://www.securityfocus.com/bid/37137 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T06:54:09.454Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20091126 Cacti 0.8.7e: Multiple security issues", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/508129/100/0/threaded" }, { "name": "20091125 Cacti 0.8.7e: Multiple security issues", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-11/0292.html" }, { "name": "[oss-security] 20091130 Re: CVE Request - Cacti - 0.8.7e", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2009/11/30/2" }, { "name": "[oss-security] 20091126 Re: CVE Request - Cacti - 0.8.7e", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2009/11/26/1" }, { "name": "cacti-dim-command-execution(54473)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54473" }, { "name": "37137", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/37137" }, { "name": "openSUSE-SU-2020:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "openSUSE-SU-2020:0558", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": 
"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-11-25T00:00:00", "descriptions": [ { "lang": "en", "value": "Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the \"Data Input Method\" for the \"Linux - Get Memory Usage\" setting to contain arbitrary commands." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-30T20:06:10", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20091126 Cacti 0.8.7e: Multiple security issues", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/508129/100/0/threaded" }, { "name": "20091125 Cacti 0.8.7e: Multiple security issues", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-11/0292.html" }, { "name": "[oss-security] 20091130 Re: CVE Request - Cacti - 0.8.7e", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2009/11/30/2" }, { "name": "[oss-security] 20091126 Re: CVE Request - Cacti - 0.8.7e", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2009/11/26/1" }, { "name": "cacti-dim-command-execution(54473)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54473" }, { "name": "37137", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/37137" }, { "name": "openSUSE-SU-2020:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": 
"openSUSE-SU-2020:0284", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "openSUSE-SU-2020:0558", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-4112", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the \"Data Input Method\" for the \"Linux - Get Memory Usage\" setting to contain arbitrary commands." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20091126 Cacti 0.8.7e: Multiple security issues", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/508129/100/0/threaded" }, { "name": "20091125 Cacti 0.8.7e: Multiple security issues", "refsource": "FULLDISC", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-11/0292.html" }, { "name": "[oss-security] 20091130 Re: CVE Request - Cacti - 0.8.7e", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2009/11/30/2" }, { "name": "[oss-security] 20091126 Re: CVE Request - Cacti - 0.8.7e", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2009/11/26/1" }, { "name": "cacti-dim-command-execution(54473)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54473" }, { "name": "37137", "refsource": "BID", "url": "http://www.securityfocus.com/bid/37137" }, { "name": "openSUSE-SU-2020:0272", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "openSUSE-SU-2020:0558", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-4112", "datePublished": "2009-11-30T21:00:00", "dateReserved": "2009-11-30T00:00:00", "dateUpdated": "2024-08-07T06:54:09.454Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-8813
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T10:12:10.614Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gist.github.com/mhaskar/ebe6b74c32fd0f7e1eedf1aabfd44129" }, { "tags": [ "x_transferred" ], "url": "https://drive.google.com/file/d/1A8hxTyk_NgSp04zPX-23nPbsSDeyDFio/view" }, { "tags": [ "x_transferred" ], "url": "https://github.com/Cacti/cacti/releases" }, { "tags": [ "x_transferred" ], "url": "https://shells.systems/cacti-v1-2-8-authenticated-remote-code-execution-cve-2020-8813/" }, { "tags": [ "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/3285" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/156538/Cacti-1.2.8-Authenticated-Remote-Code-Execution.html" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/156537/Cacti-1.2.8-Unauthenticated-Remote-Code-Execution.html" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/156593/Cacti-1.2.8-Unauthenticated-Remote-Code-Execution.html" }, { "name": "FEDORA-2020-552e4e7879", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M77SS33IDVNGBU566TK2XVULPW3RXUQ4/" }, { "name": "FEDORA-2020-10fe60d68b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XEMDQXDRNQYXOME7TACKDVCXZXZNGZE2/" }, { "name": "FEDORA-2020-d6a9e27bb1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WAX3LDXPIKWNBGVZSIMZV7LI5K6BZRTO/" }, { "name": "openSUSE-SU-2020:0558", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "tags": [ 
"x_transferred" ], "url": "http://packetstormsecurity.com/files/157477/Open-AudIT-Professional-3.3.1-Remote-Code-Execution.html" }, { "name": "openSUSE-SU-2020:0565", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "name": "GLSA-202004-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202004-16" }, { "name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3252-1] cacti security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-31T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://gist.github.com/mhaskar/ebe6b74c32fd0f7e1eedf1aabfd44129" }, { "url": "https://drive.google.com/file/d/1A8hxTyk_NgSp04zPX-23nPbsSDeyDFio/view" }, { "url": "https://github.com/Cacti/cacti/releases" }, { "url": "https://shells.systems/cacti-v1-2-8-authenticated-remote-code-execution-cve-2020-8813/" }, { "url": "https://github.com/Cacti/cacti/issues/3285" }, { "url": "http://packetstormsecurity.com/files/156538/Cacti-1.2.8-Authenticated-Remote-Code-Execution.html" }, { "url": "http://packetstormsecurity.com/files/156537/Cacti-1.2.8-Unauthenticated-Remote-Code-Execution.html" }, { "url": "http://packetstormsecurity.com/files/156593/Cacti-1.2.8-Unauthenticated-Remote-Code-Execution.html" }, { "name": "FEDORA-2020-552e4e7879", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M77SS33IDVNGBU566TK2XVULPW3RXUQ4/" }, { "name": "FEDORA-2020-10fe60d68b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XEMDQXDRNQYXOME7TACKDVCXZXZNGZE2/" }, { "name": "FEDORA-2020-d6a9e27bb1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WAX3LDXPIKWNBGVZSIMZV7LI5K6BZRTO/" }, { "name": "openSUSE-SU-2020:0558", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "url": "http://packetstormsecurity.com/files/157477/Open-AudIT-Professional-3.3.1-Remote-Code-Execution.html" }, { "name": "openSUSE-SU-2020:0565", "tags": [ "vendor-advisory" ], "url": 
"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "name": "GLSA-202004-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202004-16" }, { "name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3252-1] cacti security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-8813", "datePublished": "2020-02-22T00:00:00", "dateReserved": "2020-02-07T00:00:00", "dateUpdated": "2024-08-04T10:12:10.614Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2013-5588
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/62001 | vdb-entry, x_refsource_BID | |
http://secunia.com/advisories/54652 | third-party-advisory, x_refsource_SECUNIA | |
http://www.debian.org/security/2013/dsa-2747 | vendor-advisory, x_refsource_DEBIAN | |
http://bugs.cacti.net/view.php?id=2383 | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T17:15:21.368Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "62001", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/62001" }, { "name": "54652", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/54652" }, { "name": "DSA-2747", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2013/dsa-2747" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.cacti.net/view.php?id=2383" }, { "name": "openSUSE-SU-2015:0479", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2013-08-25T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the step parameter to install/index.php or (2) the id parameter to cacti/host.php." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2015-05-04T18:57:00", "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian" }, "references": [ { "name": "62001", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/62001" }, { "name": "54652", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/54652" }, { "name": "DSA-2747", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2013/dsa-2747" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.cacti.net/view.php?id=2383" }, { "name": "openSUSE-SU-2015:0479", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@debian.org", "ID": "CVE-2013-5588", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the step parameter to install/index.php or (2) the id parameter to cacti/host.php." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "62001", "refsource": "BID", "url": "http://www.securityfocus.com/bid/62001" }, { "name": "54652", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/54652" }, { "name": "DSA-2747", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2013/dsa-2747" }, { "name": "http://bugs.cacti.net/view.php?id=2383", "refsource": "CONFIRM", "url": "http://bugs.cacti.net/view.php?id=2383" }, { "name": "openSUSE-SU-2015:0479", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "assignerShortName": "debian", "cveId": "CVE-2013-5588", "datePublished": "2013-08-29T10:00:00", "dateReserved": "2013-08-25T00:00:00", "dateUpdated": "2024-08-06T17:15:21.368Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-11025
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/Cacti/cacti/issues/2581 | x_refsource_MISC | |
https://github.com/Cacti/cacti/compare/6ea486a...99995bb | x_refsource_MISC | |
https://lists.debian.org/debian-lts-announce/2019/04/msg00017.html | mailing-list, x_refsource_MLIST | |
https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html | mailing-list, x_refsource_MLIST |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:40:16.018Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/2581" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/compare/6ea486a...99995bb" }, { "name": "[debian-lts-announce] 20190416 [SECURITY] [DLA 1757-1] cacti security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00017.html" }, { "name": "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In clearFilter() in utilities.php in Cacti before 1.2.3, no escaping occurs before printing out the value of the SNMP community string (SNMP Options) in the View poller cache, leading to XSS." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-29T23:06:08", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/issues/2581" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/compare/6ea486a...99995bb" }, { "name": "[debian-lts-announce] 20190416 [SECURITY] [DLA 1757-1] cacti security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00017.html" }, { "name": "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-11025", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In clearFilter() in utilities.php in Cacti before 1.2.3, no escaping occurs before printing out the value of the SNMP community string (SNMP Options) in the View poller cache, leading to XSS." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Cacti/cacti/issues/2581", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/issues/2581" }, { "name": "https://github.com/Cacti/cacti/compare/6ea486a...99995bb", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/compare/6ea486a...99995bb" }, { "name": "[debian-lts-announce] 20190416 [SECURITY] [DLA 1757-1] cacti security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00017.html" }, { "name": "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-11025", "datePublished": "2019-04-08T22:20:39", "dateReserved": "2019-04-08T00:00:00", "dateUpdated": "2024-08-04T22:40:16.018Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-10970
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
http://www.securitytracker.com/id/1038908 | vdb-entry, x_refsource_SECTRACK | |
https://github.com/Cacti/cacti/issues/838 | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T17:57:56.722Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1038908", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038908" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/838" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-07-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in link.php in Cacti 1.1.12 allows remote anonymous users to inject arbitrary web script or HTML via the id parameter, related to the die_html_input_error function in lib/html_validate.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-16T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1038908", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038908" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/issues/838" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-10970", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in link.php in Cacti 1.1.12 allows remote anonymous users to inject arbitrary web script or HTML via the id parameter, related to the 
die_html_input_error function in lib/html_validate.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1038908", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038908" }, { "name": "https://github.com/Cacti/cacti/issues/838", "refsource": "CONFIRM", "url": "https://github.com/Cacti/cacti/issues/838" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-10970", "datePublished": "2017-07-06T11:00:00", "dateReserved": "2017-07-06T00:00:00", "dateUpdated": "2024-08-05T17:57:56.722Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39365
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "lessThan": "1.2.25", "status": "affected", "version": "-", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-39365", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-13T17:26:49.506576Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:26:50.847Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T18:10:20.433Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-v5w7-hww7-2f22", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-v5w7-hww7-2f22" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5550" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.25" } ] } ], 
"descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. Issues with Cacti Regular Expression validation combined with the external links feature can lead to limited SQL Injections and subsequent data leakage. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-05T21:03:56.237Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-v5w7-hww7-2f22", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-v5w7-hww7-2f22" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "url": "https://www.debian.org/security/2023/dsa-5550" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" } ], "source": { "advisory": "GHSA-v5w7-hww7-2f22", 
"discovery": "UNKNOWN" }, "title": "Unchecked regular expressions can lead to SQL Injection and data leakage in Cacti" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-39365", "datePublished": "2023-09-05T21:03:56.237Z", "dateReserved": "2023-07-28T13:26:46.481Z", "dateUpdated": "2024-08-02T18:10:20.433Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39515
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:10:21.396Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5550" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.25" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability allows an authenticated user to poison data stored in the cacti\u0027s database. These data will be viewed by administrative cacti accounts and execute JavaScript code in the victim\u0027s browser at view-time. The script under `data_debug.php` displays data source related debugging information such as _data source paths, polling settings, meta-data on the data source_. 
_CENSUS_ found that an adversary that is able to configure a malicious data-source path, can deploy a stored XSS attack against any user that has privileges related to viewing the `data_debug.php` information. A user that possesses the _General Administration\u003eSites/Devices/Data_ permissions can configure the data source path in _cacti_. This configuration occurs through `http://\u003cHOST\u003e/cacti/data_sources.php`. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-05T20:06:20.459Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "url": 
"https://www.debian.org/security/2023/dsa-5550" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" } ], "source": { "advisory": "GHSA-hrg9-qqqx-wc4h", "discovery": "UNKNOWN" }, "title": "Stored Cross-site Scripting on data_debug.php datasource path view in Cacti" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-39515", "datePublished": "2023-09-05T20:06:20.459Z", "dateReserved": "2023-08-03T16:27:36.261Z", "dateUpdated": "2024-08-02T18:10:21.396Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2007-6035
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T15:54:26.484Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=199509" }, { "name": "ADV-2007-3911", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3911" }, { "name": "cacti-graph-sql-injection(38559)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38559" }, { "name": "27756", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27756" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.cacti.net/release_notes_0_8_7a.php" }, { "name": "DSA-1418", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2007/dsa-1418" }, { "name": "26487", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/26487" }, { "name": "FEDORA-2007-3683", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00794.html" }, { "name": "27891", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27891" }, { "name": "GLSA-200712-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200712-02.xml" }, { "name": "27745", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27745" }, { "name": "27719", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27719" }, { "name": "SUSE-SR:2007:024", "tags": [ "vendor-advisory", 
"x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html" }, { "name": "27950", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27950" }, { "name": "1018982", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1018982" }, { "name": "MDKSA-2007:231", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:231" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-11-19T00:00:00", "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=199509" }, { "name": "ADV-2007-3911", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3911" }, { "name": "cacti-graph-sql-injection(38559)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38559" }, { "name": "27756", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27756" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.cacti.net/release_notes_0_8_7a.php" }, { "name": "DSA-1418", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2007/dsa-1418" }, { "name": "26487", "tags": [ 
"vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/26487" }, { "name": "FEDORA-2007-3683", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00794.html" }, { "name": "27891", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27891" }, { "name": "GLSA-200712-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200712-02.xml" }, { "name": "27745", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27745" }, { "name": "27719", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27719" }, { "name": "SUSE-SR:2007:024", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html" }, { "name": "27950", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27950" }, { "name": "1018982", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1018982" }, { "name": "MDKSA-2007:231", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:231" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-6035", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://bugs.gentoo.org/show_bug.cgi?id=199509", "refsource": "MISC", "url": "http://bugs.gentoo.org/show_bug.cgi?id=199509" }, { "name": "ADV-2007-3911", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3911" }, { "name": "cacti-graph-sql-injection(38559)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38559" }, { "name": "27756", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27756" }, { "name": "http://www.cacti.net/release_notes_0_8_7a.php", "refsource": "CONFIRM", "url": "http://www.cacti.net/release_notes_0_8_7a.php" }, { "name": "DSA-1418", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2007/dsa-1418" }, { "name": "26487", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26487" }, { "name": "FEDORA-2007-3683", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00794.html" }, { "name": "27891", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27891" }, { "name": "GLSA-200712-02", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200712-02.xml" }, { "name": "27745", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27745" }, { "name": "27719", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27719" }, { "name": "SUSE-SR:2007:024", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html" }, { "name": "27950", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27950" }, { "name": "1018982", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1018982" }, { "name": "MDKSA-2007:231", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:231" } ] } } } }, "cveMetadata": { "assignerOrgId": 
"8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-6035", "datePublished": "2007-11-20T11:00:00", "dateReserved": "2007-11-19T00:00:00", "dateUpdated": "2024-08-07T15:54:26.484Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2013-1435
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
http://secunia.com/advisories/54181 | third-party-advisory, x_refsource_SECUNIA | |
http://svn.cacti.net/viewvc?view=rev&revision=7392 | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-updates/2013-08/msg00053.html | vendor-advisory, x_refsource_SUSE | |
http://www.debian.org/security/2012/dsa-2739 | vendor-advisory, x_refsource_DEBIAN | |
http://secunia.com/advisories/54386 | third-party-advisory, x_refsource_SECUNIA | |
http://svn.cacti.net/viewvc?view=rev&revision=7393 | x_refsource_CONFIRM | |
http://forums.cacti.net/viewtopic.php?f=21&t=50593 | x_refsource_CONFIRM | |
http://www.openwall.com/lists/oss-security/2013/08/07/15 | mailing-list, x_refsource_MLIST |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T15:04:48.269Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "54181", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/54181" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7392" }, { "name": "openSUSE-SU-2013:1377", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00053.html" }, { "name": "DSA-2739", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2012/dsa-2739" }, { "name": "54386", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/54386" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7393" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=50593" }, { "name": "[oss-security] 20130807 Re: CVE request: SQL injection and shell escaping issues in Cacti \u003c 0.8.8b", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2013/08/07/15" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2013-07-22T00:00:00", "descriptions": [ { "lang": "en", "value": "(1) snmp.php and (2) rrd.php in Cacti before 0.8.8b allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2013-08-30T09:00:00", "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian" }, "references": [ { "name": "54181", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/54181" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7392" }, { "name": "openSUSE-SU-2013:1377", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00053.html" }, { "name": "DSA-2739", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2012/dsa-2739" }, { "name": "54386", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/54386" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7393" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=50593" }, { "name": "[oss-security] 20130807 Re: CVE request: SQL injection and shell escaping issues in Cacti \u003c 0.8.8b", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2013/08/07/15" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@debian.org", "ID": "CVE-2013-1435", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "(1) snmp.php and (2) rrd.php in Cacti before 0.8.8b allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "54181", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/54181" }, { "name": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7392", "refsource": "CONFIRM", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7392" }, { "name": "openSUSE-SU-2013:1377", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00053.html" }, { "name": "DSA-2739", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2012/dsa-2739" }, { "name": "54386", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/54386" }, { "name": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7393", "refsource": "CONFIRM", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7393" }, { "name": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=50593", "refsource": "CONFIRM", "url": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=50593" }, { "name": "[oss-security] 20130807 Re: CVE request: SQL injection and shell escaping issues in Cacti \u003c 0.8.8b", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2013/08/07/15" } ] } } } }, "cveMetadata": { "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "assignerShortName": "debian", "cveId": "CVE-2013-1435", "datePublished": "2013-08-23T16:00:00", "dateReserved": "2013-01-26T00:00:00", "dateUpdated": "2024-08-06T15:04:48.269Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-14424
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2001016 | x_refsource_CONFIRM | |
https://github.com/Cacti/cacti/pull/4261 | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T12:46:34.562Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001016" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/pull/4261" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti before 1.2.18 allows remote attackers to trigger XSS via template import for the midwinter theme." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-11-14T19:48:18", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001016" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/pull/4261" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-14424", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cacti before 1.2.18 allows remote attackers to trigger XSS via template import for the midwinter theme." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2001016", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001016" }, { "name": "https://github.com/Cacti/cacti/pull/4261", "refsource": "CONFIRM", "url": "https://github.com/Cacti/cacti/pull/4261" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-14424", "datePublished": "2021-11-14T19:48:18", "dateReserved": "2020-06-18T00:00:00", "dateUpdated": "2024-08-04T12:46:34.562Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-4454
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183449.html | vendor-advisory, x_refsource_FEDORA | |
http://www.cacti.net/release_notes_0_8_8d.php | x_refsource_CONFIRM | |
http://bugs.cacti.net/view.php?id=2572 | x_refsource_CONFIRM | |
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183919.html | vendor-advisory, x_refsource_FEDORA | |
http://www.securityfocus.com/bid/75270 | vdb-entry, x_refsource_BID | |
http://www.debian.org/security/2015/dsa-3295 | vendor-advisory, x_refsource_DEBIAN | |
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183454.html | vendor-advisory, x_refsource_FEDORA |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T06:18:11.043Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FEDORA-2016-a8e2be0fe6", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183449.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.cacti.net/release_notes_0_8_8d.php" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.cacti.net/view.php?id=2572" }, { "name": "FEDORA-2016-852a39e085", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183919.html" }, { "name": "75270", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/75270" }, { "name": "DSA-3295", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3295" }, { "name": "FEDORA-2016-4a5ce6a6c0", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183454.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-06-02T00:00:00", "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in the get_hash_graph_template function in lib/functions.php in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via the graph_template_id parameter to graph_templates.php." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-11-03T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FEDORA-2016-a8e2be0fe6", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183449.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.cacti.net/release_notes_0_8_8d.php" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.cacti.net/view.php?id=2572" }, { "name": "FEDORA-2016-852a39e085", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183919.html" }, { "name": "75270", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/75270" }, { "name": "DSA-3295", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3295" }, { "name": "FEDORA-2016-4a5ce6a6c0", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183454.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-4454", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SQL injection vulnerability in the get_hash_graph_template function in lib/functions.php in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via the graph_template_id parameter to graph_templates.php." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FEDORA-2016-a8e2be0fe6", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183449.html" }, { "name": "http://www.cacti.net/release_notes_0_8_8d.php", "refsource": "CONFIRM", "url": "http://www.cacti.net/release_notes_0_8_8d.php" }, { "name": "http://bugs.cacti.net/view.php?id=2572", "refsource": "CONFIRM", "url": "http://bugs.cacti.net/view.php?id=2572" }, { "name": "FEDORA-2016-852a39e085", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183919.html" }, { "name": "75270", "refsource": "BID", "url": "http://www.securityfocus.com/bid/75270" }, { "name": "DSA-3295", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3295" }, { "name": "FEDORA-2016-4a5ce6a6c0", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183454.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-4454", "datePublished": "2015-06-17T18:00:00", "dateReserved": "2015-06-09T00:00:00", "dateUpdated": "2024-08-06T06:18:11.043Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-31443
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "lessThan": "1.2.27", "status": "affected", "version": "-", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-31443", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-13T17:21:18.416166Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:37:10.526Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:52:56.980Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-rqc8-78cm-85j3", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-rqc8-78cm-85j3" }, { "name": "https://github.com/Cacti/cacti/commit/f946fa537d19678f938ddbd784a10e3290d275cf", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/commit/f946fa537d19678f938ddbd784a10e3290d275cf" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.27" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. 
Prior to 1.2.27, some of the data stored in the `form_save()` function in `data_queries.php` is not thoroughly checked and is used to concatenate the HTML statement in the `grow_right_pane_tree()` function from `lib/html.php`, finally resulting in cross-site scripting. Version 1.2.27 contains a patch for the issue." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-13T15:01:44.324Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-rqc8-78cm-85j3", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-rqc8-78cm-85j3" }, { "name": "https://github.com/Cacti/cacti/commit/f946fa537d19678f938ddbd784a10e3290d275cf", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/commit/f946fa537d19678f938ddbd784a10e3290d275cf" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "source": { "advisory": "GHSA-rqc8-78cm-85j3", "discovery": "UNKNOWN" }, "title": "Cacti XSS vulnerability in lib/html_tree.php by reading dirty data stored in database" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-31443", "datePublished": "2024-05-13T15:01:44.324Z", 
"dateReserved": "2024-04-03T17:55:32.645Z", "dateUpdated": "2024-08-02T01:52:56.980Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-15194
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1039569 | vdb-entry, x_refsource_SECTRACK | |
https://github.com/Cacti/cacti/issues/1010 | x_refsource_CONFIRM | |
https://github.com/Cacti/cacti/commit/93f661d8adcfa6618b11522cdab30e97bada33fd | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T19:50:16.035Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1039569", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1039569" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/1010" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/commit/93f661d8adcfa6618b11522cdab30e97bada33fd" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-10-09T00:00:00", "descriptions": [ { "lang": "en", "value": "include/global_session.php in Cacti 1.1.25 has XSS related to (1) the URI or (2) the refresh page." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-14T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1039569", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1039569" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/issues/1010" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/commit/93f661d8adcfa6618b11522cdab30e97bada33fd" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-15194", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "include/global_session.php in 
Cacti 1.1.25 has XSS related to (1) the URI or (2) the refresh page." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1039569", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039569" }, { "name": "https://github.com/Cacti/cacti/issues/1010", "refsource": "CONFIRM", "url": "https://github.com/Cacti/cacti/issues/1010" }, { "name": "https://github.com/Cacti/cacti/commit/93f661d8adcfa6618b11522cdab30e97bada33fd", "refsource": "CONFIRM", "url": "https://github.com/Cacti/cacti/commit/93f661d8adcfa6618b11522cdab30e97bada33fd" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-15194", "datePublished": "2017-10-10T05:00:00", "dateReserved": "2017-10-09T00:00:00", "dateUpdated": "2024-08-05T19:50:16.035Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2014-5261
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201607-05 | vendor-advisory, x_refsource_GENTOO | |
http://www.debian.org/security/2014/dsa-3007 | vendor-advisory, x_refsource_DEBIAN | |
https://bugzilla.redhat.com/show_bug.cgi?id=1127165 | x_refsource_MISC | |
http://seclists.org/oss-sec/2014/q3/351 | mailing-list, x_refsource_MLIST | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/95292 | vdb-entry, x_refsource_XF | |
http://svn.cacti.net/viewvc?view=rev&revision=7454 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/69213 | vdb-entry, x_refsource_BID | |
http://seclists.org/oss-sec/2014/q3/386 | mailing-list, x_refsource_MLIST |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:41:47.992Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201607-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-05" }, { "name": "DSA-3007", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-3007" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1127165" }, { "name": "[oss-security] 20140812 CVE id request: cacti remote code execution and SQL injection", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://seclists.org/oss-sec/2014/q3/351" }, { "name": "cacti-multiple-unspecified(95292)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95292" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7454" }, { "name": "69213", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69213" }, { "name": "[oss-security] 20140816 Re: CVE id request: cacti remote code execution and SQL injection", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://seclists.org/oss-sec/2014/q3/386" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-06-28T00:00:00", "descriptions": [ { "lang": "en", "value": "The graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a font size, related to the rrdtool commandline in lib/rrd.php." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-07T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "GLSA-201607-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-05" }, { "name": "DSA-3007", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-3007" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1127165" }, { "name": "[oss-security] 20140812 CVE id request: cacti remote code execution and SQL injection", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://seclists.org/oss-sec/2014/q3/351" }, { "name": "cacti-multiple-unspecified(95292)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95292" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7454" }, { "name": "69213", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69213" }, { "name": "[oss-security] 20140816 Re: CVE id request: cacti remote code execution and SQL injection", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://seclists.org/oss-sec/2014/q3/386" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-5261", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary commands via shell 
metacharacters in a font size, related to the rrdtool commandline in lib/rrd.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201607-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-05" }, { "name": "DSA-3007", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-3007" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1127165", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1127165" }, { "name": "[oss-security] 20140812 CVE id request: cacti remote code execution and SQL injection", "refsource": "MLIST", "url": "http://seclists.org/oss-sec/2014/q3/351" }, { "name": "cacti-multiple-unspecified(95292)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95292" }, { "name": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7454", "refsource": "CONFIRM", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7454" }, { "name": "69213", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69213" }, { "name": "[oss-security] 20140816 Re: CVE id request: cacti remote code execution and SQL injection", "refsource": "MLIST", "url": "http://seclists.org/oss-sec/2014/q3/386" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-5261", "datePublished": "2014-08-22T14:00:00", "dateReserved": "2014-08-15T00:00:00", "dateUpdated": "2024-08-06T11:41:47.992Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39357
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:10:20.241Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-6jhp-mgqg-fhqg", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-6jhp-mgqg-fhqg" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5550" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.25" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. A defect in the sql_save function was discovered. When the column type is numeric, the sql_save function directly utilizes user input. Many files and functions calling the sql_save function do not perform prior validation of user input, leading to the existence of multiple SQL injection vulnerabilities in Cacti. This allows authenticated users to exploit these SQL injection vulnerabilities to perform privilege escalation and remote code execution. This issue has been addressed in version 1.2.25. Users are advised to upgrade. 
There are no known workarounds for this vulnerability." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-05T21:02:39.870Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-6jhp-mgqg-fhqg", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-6jhp-mgqg-fhqg" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "url": "https://www.debian.org/security/2023/dsa-5550" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" } ], "source": { "advisory": "GHSA-6jhp-mgqg-fhqg", "discovery": "UNKNOWN" }, "title": "A Defect in sql_save() Causes Multiple SQL Injection Vulnerabilities in Cacti" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", 
"cveId": "CVE-2023-39357", "datePublished": "2023-09-05T21:02:39.870Z", "dateReserved": "2023-07-28T13:26:46.480Z", "dateUpdated": "2024-08-02T18:10:20.241Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3816
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.cacti.net/info/changelog | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:09.541Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.cacti.net/info/changelog" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Cacti", "vendor": "n/a", "versions": [ { "status": "affected", "version": "1.1.38" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary HTML in the group_prefix field during the creation of a new group via \"Copy\" method at user_group_admin.php." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-01-19T20:38:50", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.cacti.net/info/changelog" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-3816", "datePublished": "2022-01-19T20:38:50", "dateReserved": "2021-09-17T00:00:00", "dateUpdated": "2024-08-03T17:09:09.541Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-4342
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T06:11:12.775Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=934187" }, { "name": "openSUSE-SU-2015:1133", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00052.html" }, { "name": "FEDORA-2016-a8e2be0fe6", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183449.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.suse.com/security/cve/CVE-2015-4342.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/132224/Cacti-SQL-Injection-Header-Injection.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.cacti.net/release_notes_0_8_8d.php" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.cacti.net/view.php?id=2571" }, { "name": "1032672", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1032672" }, { "name": "FEDORA-2016-852a39e085", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183919.html" }, { "name": "75108", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/75108" }, { "name": "DSA-3295", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3295" }, { "name": "20150609 [CVE-2015-4342]SQL Injection and Location header injection from cdef id", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2015/Jun/19" }, { 
"name": "FEDORA-2016-4a5ce6a6c0", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183454.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-06-09T00:00:00", "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving a cdef id." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-11-07T21:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=934187" }, { "name": "openSUSE-SU-2015:1133", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00052.html" }, { "name": "FEDORA-2016-a8e2be0fe6", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183449.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.suse.com/security/cve/CVE-2015-4342.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/132224/Cacti-SQL-Injection-Header-Injection.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.cacti.net/release_notes_0_8_8d.php" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.cacti.net/view.php?id=2571" }, { "name": "1032672", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1032672" }, { "name": "FEDORA-2016-852a39e085", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": 
"http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183919.html" }, { "name": "75108", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/75108" }, { "name": "DSA-3295", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3295" }, { "name": "20150609 [CVE-2015-4342]SQL Injection and Location header injection from cdef id", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2015/Jun/19" }, { "name": "FEDORA-2016-4a5ce6a6c0", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183454.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-4342", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SQL injection vulnerability in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving a cdef id." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.suse.com/show_bug.cgi?id=934187", "refsource": "CONFIRM", "url": "https://bugzilla.suse.com/show_bug.cgi?id=934187" }, { "name": "openSUSE-SU-2015:1133", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00052.html" }, { "name": "FEDORA-2016-a8e2be0fe6", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183449.html" }, { "name": "https://www.suse.com/security/cve/CVE-2015-4342.html", "refsource": "CONFIRM", "url": "https://www.suse.com/security/cve/CVE-2015-4342.html" }, { "name": "http://packetstormsecurity.com/files/132224/Cacti-SQL-Injection-Header-Injection.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/132224/Cacti-SQL-Injection-Header-Injection.html" }, { "name": "http://www.cacti.net/release_notes_0_8_8d.php", "refsource": "CONFIRM", "url": "http://www.cacti.net/release_notes_0_8_8d.php" }, { "name": "http://bugs.cacti.net/view.php?id=2571", "refsource": "CONFIRM", "url": "http://bugs.cacti.net/view.php?id=2571" }, { "name": "1032672", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032672" }, { "name": "FEDORA-2016-852a39e085", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183919.html" }, { "name": "75108", "refsource": "BID", "url": "http://www.securityfocus.com/bid/75108" }, { "name": "DSA-3295", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3295" }, { "name": "20150609 [CVE-2015-4342]SQL Injection and Location header injection from cdef id", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2015/Jun/19" }, { "name": "FEDORA-2016-4a5ce6a6c0", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183454.html" } ] } } } }, 
"cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-4342", "datePublished": "2015-06-17T18:00:00", "dateReserved": "2015-06-05T00:00:00", "dateUpdated": "2024-08-06T06:11:12.775Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39366
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:10:20.269Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-rwhh-xxm6-vcrv", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-rwhh-xxm6-vcrv" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5550" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "lessThan": "1.2.25", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-39366", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T19:20:41.959733Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T19:39:54.617Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.25" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management 
framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_\u0027s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim\u0027s browser at view-time. The `data_sources.php` script displays the data source management information (e.g. data source path, polling configuration etc.) for different data visualizations of the _cacti_ app. \nCENSUS found that an adversary that is able to configure a malicious Device name can deploy a stored XSS attack against any user of the same (or broader) privileges. A user that possesses the _General Administration\u003eSites/Devices/Data_ permissions can configure the device names in _cacti_. This configuration occurs through `http://\u003cHOST\u003e/cacti/host.php`, while the rendered malicious payload is exhibited at `http://\u003cHOST\u003e/cacti/data_sources.php`. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-05T20:42:12.716Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-rwhh-xxm6-vcrv", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-rwhh-xxm6-vcrv" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "url": "https://www.debian.org/security/2023/dsa-5550" } ], "source": { "advisory": "GHSA-rwhh-xxm6-vcrv", "discovery": "UNKNOWN" }, "title": "Stored Cross-site Scripting in data_sources.php through Device-Name in \u0027select\u0027 input in Cacti" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-39366", "datePublished": "2023-09-05T20:42:12.716Z", "dateReserved": "2023-07-28T13:26:46.481Z", "dateUpdated": "2024-09-26T19:39:54.617Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-3659
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201607-05 | vendor-advisory, x_refsource_GENTOO | |
http://bugs.cacti.net/view.php?id=2673 | x_refsource_MISC | |
http://seclists.org/fulldisclosure/2016/Apr/4 | mailing-list, x_refsource_FULLDISC | |
http://lists.opensuse.org/opensuse-updates/2016-05/msg00074.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/85806 | vdb-entry, x_refsource_BID | |
http://packetstormsecurity.com/files/136547/Cacti-0.8.8g-SQL-Injection.html | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:03:34.424Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201607-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-05" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://bugs.cacti.net/view.php?id=2673" }, { "name": "20160404 [CVE-2016-3659]Cacti graph_view.php SQL Injection Vulnerability", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2016/Apr/4" }, { "name": "openSUSE-SU-2016:1328", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00074.html" }, { "name": "85806", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/85806" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/136547/Cacti-0.8.8g-SQL-Injection.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-31T00:00:00", "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in graph_view.php in Cacti 0.8.8.g allows remote authenticated users to execute arbitrary SQL commands via the host_group_data parameter." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-11-29T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "GLSA-201607-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-05" }, { "tags": [ "x_refsource_MISC" ], "url": "http://bugs.cacti.net/view.php?id=2673" }, { "name": "20160404 [CVE-2016-3659]Cacti graph_view.php SQL Injection Vulnerability", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2016/Apr/4" }, { "name": "openSUSE-SU-2016:1328", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00074.html" }, { "name": "85806", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/85806" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/136547/Cacti-0.8.8g-SQL-Injection.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-3659", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SQL injection vulnerability in graph_view.php in Cacti 0.8.8.g allows remote authenticated users to execute arbitrary SQL commands via the host_group_data parameter." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201607-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-05" }, { "name": "http://bugs.cacti.net/view.php?id=2673", "refsource": "MISC", "url": "http://bugs.cacti.net/view.php?id=2673" }, { "name": "20160404 [CVE-2016-3659]Cacti graph_view.php SQL Injection Vulnerability", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2016/Apr/4" }, { "name": "openSUSE-SU-2016:1328", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00074.html" }, { "name": "85806", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85806" }, { "name": "http://packetstormsecurity.com/files/136547/Cacti-0.8.8g-SQL-Injection.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/136547/Cacti-0.8.8g-SQL-Injection.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-3659", "datePublished": "2016-04-11T15:00:00", "dateReserved": "2016-03-24T00:00:00", "dateUpdated": "2024-08-06T00:03:34.424Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-13230
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/Cacti/cacti/issues/3343 | x_refsource_MISC | |
https://github.com/Cacti/cacti/releases/tag/release%2F1.2.11 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3PCDGNELH7HEBIXRNT5J5EWQEXQAU6B/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICJMWSY77IIGZYR6FE6NAQZFBO42VECO/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html | mailing-list, x_refsource_MLIST |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T12:11:19.453Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/3343" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/releases/tag/release%2F1.2.11" }, { "name": "FEDORA-2020-8560db8779", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3PCDGNELH7HEBIXRNT5J5EWQEXQAU6B/" }, { "name": "FEDORA-2020-d50b988a2f", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICJMWSY77IIGZYR6FE6NAQZFBO42VECO/" }, { "name": "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs)." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-29T23:06:07", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/issues/3343" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/releases/tag/release%2F1.2.11" }, { "name": "FEDORA-2020-8560db8779", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3PCDGNELH7HEBIXRNT5J5EWQEXQAU6B/" }, { "name": "FEDORA-2020-d50b988a2f", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICJMWSY77IIGZYR6FE6NAQZFBO42VECO/" }, { "name": "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-13230", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs)." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Cacti/cacti/issues/3343", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/issues/3343" }, { "name": "https://github.com/Cacti/cacti/releases/tag/release%2F1.2.11", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/releases/tag/release%2F1.2.11" }, { "name": "FEDORA-2020-8560db8779", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q3PCDGNELH7HEBIXRNT5J5EWQEXQAU6B/" }, { "name": "FEDORA-2020-d50b988a2f", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ICJMWSY77IIGZYR6FE6NAQZFBO42VECO/" }, { "name": "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-13230", "datePublished": "2020-05-20T13:40:45", "dateReserved": "2020-05-20T00:00:00", "dateUpdated": "2024-08-04T12:11:19.453Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-49085
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T21:46:28.972Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-vr3c-38wh-g855", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-vr3c-38wh-g855" }, { "name": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/pollers.php#L451", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/pollers.php#L451" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/176995/Cacti-pollers.php-SQL-Injection-Remote-Code-Execution.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c= 1.2.25" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the `pollers.php` script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the `pollers.php`. Impact of the vulnerability - arbitrary SQL code execution. As of time of publication, a patch does not appear to exist." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-22T16:13:13.259Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-vr3c-38wh-g855", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-vr3c-38wh-g855" }, { "name": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/pollers.php#L451", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/pollers.php#L451" }, { "url": "http://packetstormsecurity.com/files/176995/Cacti-pollers.php-SQL-Injection-Remote-Code-Execution.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "source": { "advisory": "GHSA-vr3c-38wh-g855", "discovery": "UNKNOWN" }, "title": "Cacti SQL Injection vulnerability" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-49085", "datePublished": "2023-12-22T16:13:13.259Z", "dateReserved": "2023-11-21T18:57:30.428Z", "dateUpdated": "2024-08-02T21:46:28.972Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", 
"dataVersion": "5.1" }
cve-2016-10700
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/Cacti/cacti/commit/69983495cd41bf0903fe02baeef84b1fa85f2846 | x_refsource_CONFIRM | |
http://www.cacti.net/release_notes_1_0_0.php | x_refsource_CONFIRM | |
http://bugs.cacti.net/view.php?id=2697 | x_refsource_CONFIRM | |
https://web.archive.org/web/20160817090458/http://bugs.cacti.net/view.php?id=2697 | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T03:30:20.168Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/commit/69983495cd41bf0903fe02baeef84b1fa85f2846" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.cacti.net/release_notes_1_0_0.php" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.cacti.net/view.php?id=2697" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://web.archive.org/web/20160817090458/http://bugs.cacti.net/view.php?id=2697" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-11-23T00:00:00", "descriptions": [ { "lang": "en", "value": "auth_login.php in Cacti before 1.0.0 allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database, because the guest user is not considered. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-2313." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-11-24T05:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/commit/69983495cd41bf0903fe02baeef84b1fa85f2846" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.cacti.net/release_notes_1_0_0.php" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.cacti.net/view.php?id=2697" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://web.archive.org/web/20160817090458/http://bugs.cacti.net/view.php?id=2697" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-10700", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "auth_login.php in Cacti before 1.0.0 allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database, because the guest user is not considered. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-2313." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Cacti/cacti/commit/69983495cd41bf0903fe02baeef84b1fa85f2846", "refsource": "CONFIRM", "url": "https://github.com/Cacti/cacti/commit/69983495cd41bf0903fe02baeef84b1fa85f2846" }, { "name": "http://www.cacti.net/release_notes_1_0_0.php", "refsource": "CONFIRM", "url": "http://www.cacti.net/release_notes_1_0_0.php" }, { "name": "http://bugs.cacti.net/view.php?id=2697", "refsource": "CONFIRM", "url": "http://bugs.cacti.net/view.php?id=2697" }, { "name": "https://web.archive.org/web/20160817090458/http://bugs.cacti.net/view.php?id=2697", "refsource": "CONFIRM", "url": "https://web.archive.org/web/20160817090458/http://bugs.cacti.net/view.php?id=2697" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-10700", "datePublished": "2017-11-24T05:00:00", "dateReserved": "2017-11-23T00:00:00", "dateUpdated": "2024-08-06T03:30:20.168Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-25641
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:the_cacti_group:cacti:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "the_cacti_group", "versions": [ { "lessThan": "1.2.27", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-25641", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-17T04:00:38.811632Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-06T14:30:27.247Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T23:44:09.935Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-7cmj-g5qc-pj88", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-7cmj-g5qc-pj88" }, { "name": "https://github.com/Cacti/cacti/commit/eff35b0ff26cc27c82d7880469ed6d5e3bef6210", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/commit/eff35b0ff26cc27c82d7880469ed6d5e3bef6210" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/May/6" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.27" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. 
Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the \"Package Import\" feature, allows authenticated users having the \"Import Templates\" permission to execute arbitrary PHP code on the web server. The vulnerability is located within the `import_package()` function defined into the `/lib/import.php` script. The function blindly trusts the filename and file content provided within the XML data, and writes such files into the Cacti base path (or even outside, since path traversal sequences are not filtered). This can be exploited to write or overwrite arbitrary files on the web server, leading to execution of arbitrary PHP code or other security impacts. Version 1.2.27 contains a patch for this issue." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-13T13:28:58.808Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-7cmj-g5qc-pj88", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-7cmj-g5qc-pj88" }, { "name": "https://github.com/Cacti/cacti/commit/eff35b0ff26cc27c82d7880469ed6d5e3bef6210", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/commit/eff35b0ff26cc27c82d7880469ed6d5e3bef6210" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" 
}, { "url": "http://seclists.org/fulldisclosure/2024/May/6" } ], "source": { "advisory": "GHSA-7cmj-g5qc-pj88", "discovery": "UNKNOWN" }, "title": "Cacti RCE vulnerability when importing packages" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-25641", "datePublished": "2024-05-13T13:28:58.808Z", "dateReserved": "2024-02-08T22:26:33.514Z", "dateUpdated": "2024-08-01T23:44:09.935Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-16723
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T01:24:47.218Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/2964" }, { "name": "FEDORA-2019-6bf27b45b3", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZSCUUCKSYVZLN3PQE7NU76AFWUGT3E2D/" }, { "name": "FEDORA-2019-362f0e9710", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZO3ROHHPKLH2JRW7ES5FYSQTWIPNVLQB/" }, { "name": "20200120 [SECURITY] [DSA 4604-1] cacti security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2020/Jan/25" }, { "name": "DSA-4604", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2020/dsa-4604" }, { "name": "openSUSE-SU-2020:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "GLSA-202003-40", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202003-40" }, { "name": "openSUSE-SU-2020:0558", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": 
"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In Cacti through 1.2.6, authenticated users may bypass authorization checks (for viewing a graph) via a direct graph_json.php request with a modified local_graph_id parameter." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-30T20:06:03", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/issues/2964" }, { "name": "FEDORA-2019-6bf27b45b3", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZSCUUCKSYVZLN3PQE7NU76AFWUGT3E2D/" }, { "name": "FEDORA-2019-362f0e9710", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZO3ROHHPKLH2JRW7ES5FYSQTWIPNVLQB/" }, { "name": "20200120 [SECURITY] [DSA 4604-1] cacti security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2020/Jan/25" }, { "name": "DSA-4604", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2020/dsa-4604" }, { "name": "openSUSE-SU-2020:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "GLSA-202003-40", "tags": [ "vendor-advisory", 
"x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202003-40" }, { "name": "openSUSE-SU-2020:0558", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-16723", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Cacti through 1.2.6, authenticated users may bypass authorization checks (for viewing a graph) via a direct graph_json.php request with a modified local_graph_id parameter." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Cacti/cacti/issues/2964", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/issues/2964" }, { "name": "FEDORA-2019-6bf27b45b3", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSCUUCKSYVZLN3PQE7NU76AFWUGT3E2D/" }, { "name": "FEDORA-2019-362f0e9710", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZO3ROHHPKLH2JRW7ES5FYSQTWIPNVLQB/" }, { "name": "20200120 [SECURITY] [DSA 4604-1] cacti security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2020/Jan/25" }, { "name": "DSA-4604", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2020/dsa-4604" }, { "name": "openSUSE-SU-2020:0272", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "GLSA-202003-40", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202003-40" }, { "name": "openSUSE-SU-2020:0558", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-16723", "datePublished": "2019-09-23T14:24:47", "dateReserved": "2019-09-23T00:00:00", "dateUpdated": "2024-08-05T01:24:47.218Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-8604
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201607-05 | vendor-advisory, x_refsource_GENTOO | |
http://bugs.cacti.net/view.php?id=2652 | x_refsource_MISC | |
http://www.securitytracker.com/id/1034573 | vdb-entry, x_refsource_SECTRACK | |
http://www.openwall.com/lists/oss-security/2016/01/04/8 | mailing-list, x_refsource_MLIST | |
http://packetstormsecurity.com/files/135191/Cacti-0.8.8f-graphs_new.php-SQL-Injection.html | x_refsource_MISC | |
http://seclists.org/fulldisclosure/2016/Jan/16 | mailing-list, x_refsource_FULLDISC | |
http://www.openwall.com/lists/oss-security/2016/01/04/9 | mailing-list, x_refsource_MLIST | |
http://www.debian.org/security/2016/dsa-3494 | vendor-advisory, x_refsource_DEBIAN |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:20:43.560Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201607-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-05" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://bugs.cacti.net/view.php?id=2652" }, { "name": "1034573", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034573" }, { "name": "[oss-security] 20160104 CVE Request: cacti: SQL injection vulnerability in graphs_new.php", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2016/01/04/8" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/135191/Cacti-0.8.8f-graphs_new.php-SQL-Injection.html" }, { "name": "20160108 [CVE-2015-8604] Cacti SQL injection in graphs_new.php", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2016/Jan/16" }, { "name": "[oss-security] 20160104 Re: CVE Request: cacti: SQL injection vulnerability in graphs_new.php", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2016/01/04/9" }, { "name": "DSA-3494", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3494" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-01-04T00:00:00", "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in the host_new_graphs function in graphs_new.php in Cacti 0.8.8f and earlier allows remote authenticated users to execute arbitrary SQL commands via the cg_g 
parameter in a save action." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-11-30T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "GLSA-201607-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-05" }, { "tags": [ "x_refsource_MISC" ], "url": "http://bugs.cacti.net/view.php?id=2652" }, { "name": "1034573", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034573" }, { "name": "[oss-security] 20160104 CVE Request: cacti: SQL injection vulnerability in graphs_new.php", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2016/01/04/8" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/135191/Cacti-0.8.8f-graphs_new.php-SQL-Injection.html" }, { "name": "20160108 [CVE-2015-8604] Cacti SQL injection in graphs_new.php", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2016/Jan/16" }, { "name": "[oss-security] 20160104 Re: CVE Request: cacti: SQL injection vulnerability in graphs_new.php", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2016/01/04/9" }, { "name": "DSA-3494", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3494" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-8604", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SQL injection 
vulnerability in the host_new_graphs function in graphs_new.php in Cacti 0.8.8f and earlier allows remote authenticated users to execute arbitrary SQL commands via the cg_g parameter in a save action." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201607-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-05" }, { "name": "http://bugs.cacti.net/view.php?id=2652", "refsource": "MISC", "url": "http://bugs.cacti.net/view.php?id=2652" }, { "name": "1034573", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034573" }, { "name": "[oss-security] 20160104 CVE Request: cacti: SQL injection vulnerability in graphs_new.php", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/01/04/8" }, { "name": "http://packetstormsecurity.com/files/135191/Cacti-0.8.8f-graphs_new.php-SQL-Injection.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/135191/Cacti-0.8.8f-graphs_new.php-SQL-Injection.html" }, { "name": "20160108 [CVE-2015-8604] Cacti SQL injection in graphs_new.php", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2016/Jan/16" }, { "name": "[oss-security] 20160104 Re: CVE Request: cacti: SQL injection vulnerability in graphs_new.php", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/01/04/9" }, { "name": "DSA-3494", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3494" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-8604", "datePublished": "2016-04-11T21:00:00", "dateReserved": "2015-12-17T00:00:00", "dateUpdated": "2024-08-06T08:20:43.560Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2014-4002
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://svn.cacti.net/viewvc?view=rev&revision=7452 | x_refsource_CONFIRM | |
http://svn.cacti.net/viewvc?view=rev&revision=7451 | x_refsource_CONFIRM | |
http://secunia.com/advisories/59203 | third-party-advisory, x_refsource_SECUNIA | |
http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/68257 | vdb-entry, x_refsource_BID | |
http://www.debian.org/security/2014/dsa-2970 | vendor-advisory, x_refsource_DEBIAN | |
https://security.gentoo.org/glsa/201509-03 | vendor-advisory, x_refsource_GENTOO | |
http://secunia.com/advisories/59517 | third-party-advisory, x_refsource_SECUNIA |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:04:27.981Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7452" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7451" }, { "name": "59203", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59203" }, { "name": "openSUSE-SU-2015:0479", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "name": "68257", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/68257" }, { "name": "DSA-2970", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-2970" }, { "name": "GLSA-201509-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201509-03" }, { "name": "59517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59517" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-06-15T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the (1) drp_action parameter to cdef.php, (2) data_input.php, (3) data_queries.php, (4) data_sources.php, (5) data_templates.php, (6) graph_templates.php, (7) graphs.php, (8) host.php, or (9) host_templates.php or the (10) graph_template_input_id or (11) graph_template_id parameter to 
graph_templates_inputs.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-20T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7452" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7451" }, { "name": "59203", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59203" }, { "name": "openSUSE-SU-2015:0479", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "name": "68257", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/68257" }, { "name": "DSA-2970", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-2970" }, { "name": "GLSA-201509-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201509-03" }, { "name": "59517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59517" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-4002", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the (1) drp_action parameter to cdef.php, (2) data_input.php, (3) data_queries.php, (4) data_sources.php, (5) 
data_templates.php, (6) graph_templates.php, (7) graphs.php, (8) host.php, or (9) host_templates.php or the (10) graph_template_input_id or (11) graph_template_id parameter to graph_templates_inputs.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7452", "refsource": "CONFIRM", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7452" }, { "name": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7451", "refsource": "CONFIRM", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7451" }, { "name": "59203", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59203" }, { "name": "openSUSE-SU-2015:0479", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "name": "68257", "refsource": "BID", "url": "http://www.securityfocus.com/bid/68257" }, { "name": "DSA-2970", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-2970" }, { "name": "GLSA-201509-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201509-03" }, { "name": "59517", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59517" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-4002", "datePublished": "2014-07-03T14:00:00", "dateReserved": "2014-06-09T00:00:00", "dateUpdated": "2024-08-06T11:04:27.981Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39510
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:10:21.340Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-24w4-4hp2-3j8h", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-24w4-4hp2-3j8h" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5550" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "lessThan": "1.2.25", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-39510", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T19:21:00.519262Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T19:40:30.140Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.25" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management 
framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) vulnerability that allows an authenticated user to poison data stored in the _cacti_\u0027s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim\u0027s browser at view-time. The `reports_admin.php` script displays reporting information about graphs, devices, data sources etc.\nCENSUS found that an adversary that is able to configure a malicious Device name, can deploy a stored XSS attack against any user of the same (or broader) privileges. A user that possesses the _General Administration\u003eSites/Devices/Data_ permissions can configure the device names in _cacti_. This configuration occurs through `http://\u003cHOST\u003e/cacti/host.php`, while the rendered malicious payload is exhibited at `http://\u003cHOST\u003e/cacti/reports_admin.php` when a graph with the maliciously altered device name is linked to the report. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output."
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-05T20:39:44.028Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-24w4-4hp2-3j8h", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-24w4-4hp2-3j8h" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "url": "https://www.debian.org/security/2023/dsa-5550" } ], "source": { "advisory": "GHSA-24w4-4hp2-3j8h", "discovery": "UNKNOWN" }, "title": "Stored Cross-site Scripting in reports_admin.php through Device-Name in \u0027select\u0027 input in Cacti" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-39510", "datePublished": "2023-09-05T20:39:44.028Z", "dateReserved": "2023-08-03T16:27:36.260Z", "dateUpdated": "2024-09-26T19:40:30.140Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2010-2545
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T02:39:37.346Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6041" }, { "name": "MDVSA-2010:160", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160" }, { "name": "42575", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/42575" }, { "name": "41041", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/41041" }, { "name": "[oss-security] 20100722 Cacti XSS fixes in 0.8.7g", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=oss-security\u0026m=127978954522586\u0026w=2" }, { "name": "RHSA-2010:0635", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://cacti.net/release_notes_0_8_7g.php" }, { "name": "[oss-security] 20100726 Re: Cacti XSS fixes in 0.8.7g", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=oss-security\u0026m=128017203704299\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6038" }, { "name": "ADV-2010-2132", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6037" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=459229" }, { "tags": [ "x_refsource_CONFIRM", 
"x_transferred" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6042" }, { "name": "cacti-templatesimport-xss(61227)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61227" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allow remote attackers to inject arbitrary web script or HTML via (1) the name element in an XML template to templates_import.php; and allow remote authenticated administrators to inject arbitrary web script or HTML via vectors related to (2) cdef.php, (3) data_input.php, (4) data_queries.php, (5) data_sources.php, (6) data_templates.php, (7) gprint_presets.php, (8) graph.php, (9) graphs_new.php, (10) graphs.php, (11) graph_templates_inputs.php, (12) graph_templates_items.php, (13) graph_templates.php, (14) graph_view.php, (15) host.php, (16) host_templates.php, (17) lib/functions.php, (18) lib/html_form.php, (19) lib/html_form_template.php, (20) lib/html.php, (21) lib/html_tree.php, (22) lib/rrd.php, (23) rra.php, (24) tree.php, and (25) user_admin.php." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-16T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6041" }, { "name": "MDVSA-2010:160", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160" }, { "name": "42575", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/42575" }, { "name": "41041", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/41041" }, { "name": "[oss-security] 20100722 Cacti XSS fixes in 0.8.7g", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=oss-security\u0026m=127978954522586\u0026w=2" }, { "name": "RHSA-2010:0635", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://cacti.net/release_notes_0_8_7g.php" }, { "name": "[oss-security] 20100726 Re: Cacti XSS fixes in 0.8.7g", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=oss-security\u0026m=128017203704299\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6038" }, { "name": "ADV-2010-2132", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6037" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=459229" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6042" }, { "name": "cacti-templatesimport-xss(61227)", "tags": [ "vdb-entry", 
"x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61227" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-2545", "datePublished": "2010-08-23T20:00:00", "dateReserved": "2010-06-30T00:00:00", "dateUpdated": "2024-08-07T02:39:37.346Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-41444
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:42:46.253Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gist.github.com/enferas/9079535112e4f4ff2c1d2ce1c099d4c2" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-41444", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-03T14:41:35.864772Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-03T14:41:44.001Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Cross Site Scripting (XSS) vulnerability in Cacti 1.2.21 via crafted POST request to graphs_new.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-22T15:44:44.724199", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://gist.github.com/enferas/9079535112e4f4ff2c1d2ce1c099d4c2" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-41444", "datePublished": "2023-08-22T00:00:00", "dateReserved": "2022-09-26T00:00:00", "dateUpdated": "2024-10-03T14:41:44.001Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-26247
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.cacti.net/info/changelog | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T20:19:20.307Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.cacti.net/info/changelog" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Cacti", "vendor": "n/a", "versions": [ { "status": "affected", "version": "0.8.7g" } ] } ], "descriptions": [ { "lang": "en", "value": "As an unauthenticated remote user, visit \"http://\u003cCACTI_SERVER\u003e/auth_changepassword.php?ref=\u003cscript\u003ealert(1)\u003c/script\u003e\" to successfully execute the JavaScript payload present in the \"ref\" URL parameter." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-01-19T20:38:53", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.cacti.net/info/changelog" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-26247", "datePublished": "2022-01-19T20:38:53", "dateReserved": "2021-10-18T00:00:00", "dateUpdated": "2024-08-03T20:19:20.307Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-35701
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://asaf.me/2020/12/15/cacti-1-2-0-to-1-2-16-sql-injection/ | x_refsource_MISC | |
https://github.com/Cacti/cacti/issues/4022 | x_refsource_MISC | |
https://security.gentoo.org/glsa/202101-31 | vendor-advisory, x_refsource_GENTOO | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NBKBR2MFZJ6C2I4I5PCRR6UERPY24XZN/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6DDD22Z56THHDTXAFM447UH3BVINURIF/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C7DPUWZBAMCXFKAKUAJSHL3CKTOLGAK6/ | vendor-advisory, x_refsource_FEDORA |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:09:15.124Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://asaf.me/2020/12/15/cacti-1-2-0-to-1-2-16-sql-injection/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/4022" }, { "name": "GLSA-202101-31", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202101-31" }, { "name": "FEDORA-2021-6dfba2aabf", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NBKBR2MFZJ6C2I4I5PCRR6UERPY24XZN/" }, { "name": "FEDORA-2021-598b6d2924", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6DDD22Z56THHDTXAFM447UH3BVINURIF/" }, { "name": "FEDORA-2021-0e0fd08e44", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C7DPUWZBAMCXFKAKUAJSHL3CKTOLGAK6/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Cacti 1.2.x through 1.2.16. A SQL injection vulnerability in data_debug.php allows remote authenticated attackers to execute arbitrary SQL commands via the site_id parameter. This can lead to remote code execution." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-05-20T03:06:19", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://asaf.me/2020/12/15/cacti-1-2-0-to-1-2-16-sql-injection/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/issues/4022" }, { "name": "GLSA-202101-31", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202101-31" }, { "name": "FEDORA-2021-6dfba2aabf", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NBKBR2MFZJ6C2I4I5PCRR6UERPY24XZN/" }, { "name": "FEDORA-2021-598b6d2924", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6DDD22Z56THHDTXAFM447UH3BVINURIF/" }, { "name": "FEDORA-2021-0e0fd08e44", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C7DPUWZBAMCXFKAKUAJSHL3CKTOLGAK6/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-35701", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An issue was discovered in Cacti 1.2.x through 1.2.16. A SQL injection vulnerability in data_debug.php allows remote authenticated attackers to execute arbitrary SQL commands via the site_id parameter. This can lead to remote code execution." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://asaf.me/2020/12/15/cacti-1-2-0-to-1-2-16-sql-injection/", "refsource": "MISC", "url": "https://asaf.me/2020/12/15/cacti-1-2-0-to-1-2-16-sql-injection/" }, { "name": "https://github.com/Cacti/cacti/issues/4022", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/issues/4022" }, { "name": "GLSA-202101-31", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202101-31" }, { "name": "FEDORA-2021-6dfba2aabf", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NBKBR2MFZJ6C2I4I5PCRR6UERPY24XZN/" }, { "name": "FEDORA-2021-598b6d2924", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DDD22Z56THHDTXAFM447UH3BVINURIF/" }, { "name": "FEDORA-2021-0e0fd08e44", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C7DPUWZBAMCXFKAKUAJSHL3CKTOLGAK6/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-35701", "datePublished": "2021-01-11T15:57:51", "dateReserved": "2020-12-24T00:00:00", "dateUpdated": "2024-08-04T17:09:15.124Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-43362
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
https://github.com/Cacti/cacti/security/advisories/GHSA-wh9c-v56x-v77c | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "lessThan": "1.2.28", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-43362", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-08T13:07:47.392940Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-08T13:53:28.987Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.28" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open source performance and fault management framework. The `fileurl` parameter is not properly sanitized when saving external links in `links.php`. Moreover, the said `fileurl` is placed in some HTML code which is passed to the `print` function in `link.php` and `index.php`, finally leading to stored XSS. Users with the privilege to create external links can manipulate the `fileurl` parameter in the HTTP POST request while creating external links to perform stored XSS attacks. The vulnerability known as XSS (Cross-Site Scripting) occurs when an application allows untrusted user input to be displayed on a web page without proper validation or escaping. This issue has been addressed in release version 1.2.28. All users are advised to upgrade. There are no known workarounds for this issue." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-07T20:34:58.936Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-wh9c-v56x-v77c", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-wh9c-v56x-v77c" } ], "source": { "advisory": "GHSA-wh9c-v56x-v77c", "discovery": "UNKNOWN" }, "title": "Stored Cross-site Scripting (XSS) when creating external links in Cacti" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-43362", "datePublished": "2024-10-07T20:34:58.936Z", "dateReserved": "2024-08-09T14:23:55.512Z", "dateUpdated": "2024-10-08T13:53:28.987Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-51448
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T22:32:10.194Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-w85f-7c4w-7594", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-w85f-7c4w-7594" }, { "name": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/managers.php#L941", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/managers.php#L941" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c= 1.2.25" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection (SQLi) vulnerability within the SNMP Notification Receivers feature in the file `\u2018managers.php\u2019`. An authenticated attacker with the \u201cSettings/Utilities\u201d permission can send a crafted HTTP GET request to the endpoint `\u2018/cacti/managers.php\u2019` with an SQLi payload in the `\u2018selected_graphs_array\u2019` HTTP GET parameter. As of time of publication, no patched versions exist." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-22T16:44:57.007Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-w85f-7c4w-7594", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-w85f-7c4w-7594" }, { "name": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/managers.php#L941", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/managers.php#L941" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "source": { "advisory": "GHSA-w85f-7c4w-7594", "discovery": "UNKNOWN" }, "title": "SQL Injection vulnerability when managing SNMP Notification Receivers" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-51448", "datePublished": "2023-12-22T16:44:57.007Z", "dateReserved": "2023-12-19T15:19:39.615Z", "dateUpdated": "2024-08-02T22:32:10.194Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-8377
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
https://security.gentoo.org/glsa/201607-05 | vendor-advisory, x_refsource_GENTOO | |
http://www.debian.org/security/2016/dsa-3494 | vendor-advisory, x_refsource_DEBIAN | |
http://www.securitytracker.com/id/1034498 | vdb-entry, x_refsource_SECTRACK | |
http://seclists.org/fulldisclosure/2015/Dec/57 | mailing-list, x_refsource_FULLDISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:13:32.882Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201607-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-05" }, { "name": "DSA-3494", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3494" }, { "name": "1034498", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034498" }, { "name": "20151213 [CVE-2015-8377] Cacti graphs_new.php SQL Injection Vulnerability", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2015/Dec/57" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-13T00:00:00", "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in the host_new_graphs_save function in graphs_new.php in Cacti 0.8.8f and earlier allows remote authenticated users to execute arbitrary SQL commands via crafted serialized data in the selected_graphs_array parameter in a save action." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-05T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "GLSA-201607-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-05" }, { "name": "DSA-3494", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3494" }, { "name": "1034498", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034498" }, { "name": "20151213 [CVE-2015-8377] Cacti graphs_new.php SQL Injection Vulnerability", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2015/Dec/57" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-8377", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SQL injection vulnerability in the host_new_graphs_save function in graphs_new.php in Cacti 0.8.8f and earlier allows remote authenticated users to execute arbitrary SQL commands via crafted serialized data in the selected_graphs_array parameter in a save action." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201607-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-05" }, { "name": "DSA-3494", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3494" }, { "name": "1034498", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034498" }, { "name": "20151213 [CVE-2015-8377] Cacti graphs_new.php SQL Injection Vulnerability", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2015/Dec/57" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-8377", "datePublished": "2015-12-15T21:00:00", "dateReserved": "2015-11-30T00:00:00", "dateUpdated": "2024-08-06T08:13:32.882Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39516
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:10:21.279Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-r8qq-88g3-hmgv", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-r8qq-88g3-hmgv" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5550" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.25" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_\u0027s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim\u0027s browser at view-time. The script under `data_sources.php` displays the data source management information (e.g. data source path, polling configuration etc.) for different data visualizations of the _cacti_ app. 
CENSUS found that an adversary that is able to configure a malicious data-source path, can deploy a stored XSS attack against any user of the same (or broader) privileges. A user that possesses the \u0027General Administration\u003eSites/Devices/Data\u0027 permissions can configure the data source path in Cacti. This configuration occurs through `http://\u003cHOST\u003e/cacti/data_sources.php`. The same page can be used for previewing the data source path. This issue has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to upgrade should manually escape HTML output.\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-05T21:09:28.545Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-r8qq-88g3-hmgv", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-r8qq-88g3-hmgv" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" 
}, { "url": "https://www.debian.org/security/2023/dsa-5550" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" } ], "source": { "advisory": "GHSA-r8qq-88g3-hmgv", "discovery": "UNKNOWN" }, "title": "Stored Cross-Site-Scripting on data_sources.php debug html-block in Cacti" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-39516", "datePublished": "2023-09-05T21:09:28.545Z", "dateReserved": "2023-08-03T16:27:36.261Z", "dateUpdated": "2024-08-02T18:10:21.279Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-20723
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d | x_refsource_MISC | |
https://github.com/Cacti/cacti/blob/develop/CHANGELOG | x_refsource_MISC | |
https://github.com/Cacti/cacti/issues/2215 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T12:12:28.924Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/2215" }, { "name": "openSUSE-SU-2020:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "openSUSE-SU-2020:0558", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2019-01-16T00:00:00", "descriptions": [ { "lang": "en", "value": "A cross-site scripting (XSS) vulnerability exists in color_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Name field for a Color." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-30T20:06:11", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/issues/2215" }, { "name": "openSUSE-SU-2020:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "openSUSE-SU-2020:0558", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20723", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A cross-site scripting (XSS) vulnerability exists in color_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Name field for a Color." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d" }, { "name": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "name": "https://github.com/Cacti/cacti/issues/2215", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/issues/2215" }, { "name": "openSUSE-SU-2020:0272", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "openSUSE-SU-2020:0558", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-20723", "datePublished": "2019-01-16T16:00:00", "dateReserved": "2019-01-16T00:00:00", "dateUpdated": "2024-08-05T12:12:28.924Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2014-2709
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html | vendor-advisory, x_refsource_FEDORA | |
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/66630 | vdb-entry, x_refsource_BID | |
http://svn.cacti.net/viewvc?view=rev&revision=7439 | x_refsource_CONFIRM | |
http://secunia.com/advisories/59203 | third-party-advisory, x_refsource_SECUNIA | |
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html | vendor-advisory, x_refsource_FEDORA | |
http://seclists.org/oss-sec/2014/q2/15 | mailing-list, x_refsource_MLIST | |
http://secunia.com/advisories/57647 | third-party-advisory, x_refsource_SECUNIA | |
http://www.debian.org/security/2014/dsa-2970 | vendor-advisory, x_refsource_DEBIAN | |
https://security.gentoo.org/glsa/201509-03 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T10:21:36.027Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FEDORA-2014-4928", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "name": "66630", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/66630" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7439" }, { "name": "59203", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59203" }, { "name": "FEDORA-2014-4892", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html" }, { "name": "[oss-security] 20140403 Re: CVE request: cacti \"bug#0002405: SQL injection in graph_xport.php\"", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://seclists.org/oss-sec/2014/q2/15" }, { "name": "57647", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/57647" }, { "name": "DSA-2970", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-2970" }, { "name": "GLSA-201509-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201509-03" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-03-30T00:00:00", "descriptions": [ { "lang": "en", 
"value": "lib/rrd.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified parameters." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-20T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FEDORA-2014-4928", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "name": "66630", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/66630" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7439" }, { "name": "59203", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59203" }, { "name": "FEDORA-2014-4892", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html" }, { "name": "[oss-security] 20140403 Re: CVE request: cacti \"bug#0002405: SQL injection in graph_xport.php\"", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://seclists.org/oss-sec/2014/q2/15" }, { "name": "57647", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/57647" }, { "name": "DSA-2970", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-2970" }, { "name": "GLSA-201509-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201509-03" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-2709", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { 
"product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "lib/rrd.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified parameters." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FEDORA-2014-4928", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html" }, { "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768", "refsource": "CONFIRM", "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "name": "66630", "refsource": "BID", "url": "http://www.securityfocus.com/bid/66630" }, { "name": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7439", "refsource": "CONFIRM", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7439" }, { "name": "59203", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59203" }, { "name": "FEDORA-2014-4892", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html" }, { "name": "[oss-security] 20140403 Re: CVE request: cacti \"bug#0002405: SQL injection in graph_xport.php\"", "refsource": "MLIST", "url": "http://seclists.org/oss-sec/2014/q2/15" }, { "name": "57647", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/57647" }, { "name": "DSA-2970", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-2970" }, { "name": "GLSA-201509-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201509-03" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-2709", 
"datePublished": "2014-04-23T14:00:00", "dateReserved": "2014-04-01T00:00:00", "dateUpdated": "2024-08-06T10:21:36.027Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-12927
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
https://github.com/Cacti/cacti/issues/907 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/100490 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1039208 | vdb-entry, x_refsource_SECTRACK | |
https://github.com/Cacti/cacti/commit/a032ce0be6a4ea47862c594e40a619ac8de1ef99 | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T18:51:07.354Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/907" }, { "name": "100490", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/100490" }, { "name": "1039208", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1039208" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/commit/a032ce0be6a4ea47862c594e40a619ac8de1ef99" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-08-17T00:00:00", "descriptions": [ { "lang": "en", "value": "A cross-site scripting vulnerability exists in Cacti 1.1.17 in the method parameter in spikekill.php." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-26T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/issues/907" }, { "name": "100490", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/100490" }, { "name": "1039208", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1039208" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/commit/a032ce0be6a4ea47862c594e40a619ac8de1ef99" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-12927", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A cross-site scripting vulnerability exists in Cacti 1.1.17 in the method parameter in spikekill.php." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Cacti/cacti/issues/907", "refsource": "CONFIRM", "url": "https://github.com/Cacti/cacti/issues/907" }, { "name": "100490", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100490" }, { "name": "1039208", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039208" }, { "name": "https://github.com/Cacti/cacti/commit/a032ce0be6a4ea47862c594e40a619ac8de1ef99", "refsource": "CONFIRM", "url": "https://github.com/Cacti/cacti/commit/a032ce0be6a4ea47862c594e40a619ac8de1ef99" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-12927", "datePublished": "2017-08-18T02:00:00", "dateReserved": "2017-08-17T00:00:00", "dateUpdated": "2024-08-05T18:51:07.354Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2014-2326
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T10:06:00.426Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7443" }, { "name": "FEDORA-2014-4928", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "name": "20140324 Deutsche Telekom CERT Advisory [DTC-A-20140324-001] vulnerabilities in cacti", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/531588" }, { "name": "59203", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59203" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.cacti.net/view.php?id=2431" }, { "name": "openSUSE-SU-2015:0479", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "name": "FEDORA-2014-4892", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html" }, { "name": "66390", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/66390" }, { "name": "57647", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/57647" }, { "name": "DSA-2970", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-2970" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": 
"http://packetstormsecurity.com/files/125849/Deutsche-Telekom-CERT-Advisory-DTC-A-20140324-001.html" }, { "name": "GLSA-201509-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201509-03" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-03-25T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in cdef.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-20T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7443" }, { "name": "FEDORA-2014-4928", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "name": "20140324 Deutsche Telekom CERT Advisory [DTC-A-20140324-001] vulnerabilities in cacti", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/531588" }, { "name": "59203", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59203" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.cacti.net/view.php?id=2431" }, { "name": "openSUSE-SU-2015:0479", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "name": "FEDORA-2014-4892", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": 
"http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html" }, { "name": "66390", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/66390" }, { "name": "57647", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/57647" }, { "name": "DSA-2970", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-2970" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/125849/Deutsche-Telekom-CERT-Advisory-DTC-A-20140324-001.html" }, { "name": "GLSA-201509-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201509-03" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-2326", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in cdef.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7443", "refsource": "CONFIRM", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7443" }, { "name": "FEDORA-2014-4928", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html" }, { "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768", "refsource": "CONFIRM", "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "name": "20140324 Deutsche Telekom CERT Advisory [DTC-A-20140324-001] vulnerabilities in cacti", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/531588" }, { "name": "59203", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59203" }, { "name": "http://bugs.cacti.net/view.php?id=2431", "refsource": "CONFIRM", "url": "http://bugs.cacti.net/view.php?id=2431" }, { "name": "openSUSE-SU-2015:0479", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "name": "FEDORA-2014-4892", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html" }, { "name": "66390", "refsource": "BID", "url": "http://www.securityfocus.com/bid/66390" }, { "name": "57647", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/57647" }, { "name": "DSA-2970", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-2970" }, { "name": "http://packetstormsecurity.com/files/125849/Deutsche-Telekom-CERT-Advisory-DTC-A-20140324-001.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/125849/Deutsche-Telekom-CERT-Advisory-DTC-A-20140324-001.html" }, { "name": "GLSA-201509-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201509-03" } ] } } } }, "cveMetadata": { "assignerOrgId": 
"8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-2326", "datePublished": "2014-03-27T16:00:00", "dateReserved": "2014-03-12T00:00:00", "dateUpdated": "2024-08-06T10:06:00.426Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39364
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:10:20.226Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-4pjv-rmrp-r59x", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-4pjv-rmrp-r59x" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5550" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.25" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, users with console access can be redirected to an arbitrary website after a change password performed via a specifically crafted URL. The `auth_changepassword.php` file accepts `ref` as a URL parameter and reflects it in the form used to perform the change password. Its value is used to perform a redirect via `header` PHP function.
A user can be tricked into performing the change password operation, e.g., via a phishing message, and then interacting with the malicious website where the redirection has been performed, e.g., downloading malware, providing credentials, etc. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-601", "description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-05T21:13:17.827Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-4pjv-rmrp-r59x", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-4pjv-rmrp-r59x" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "url": "https://www.debian.org/security/2023/dsa-5550" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" } ], "source": { "advisory": "GHSA-4pjv-rmrp-r59x", "discovery": "UNKNOWN" }, "title": "Open redirect in change password
functionality in Cacti" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-39364", "datePublished": "2023-09-05T21:13:17.827Z", "dateReserved": "2023-07-28T13:26:46.481Z", "dateUpdated": "2024-08-02T18:10:20.226Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-16641
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/Cacti/cacti/issues/1057 | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T20:27:04.463Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/1057" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the path_rrdtool parameter in an action=save request to settings.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-11-07T20:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/issues/1057" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-16641", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the path_rrdtool parameter in an action=save request to settings.php." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Cacti/cacti/issues/1057", "refsource": "CONFIRM", "url": "https://github.com/Cacti/cacti/issues/1057" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-16641", "datePublished": "2017-11-07T20:00:00Z", "dateReserved": "2017-11-07T00:00:00Z", "dateUpdated": "2024-09-17T00:01:51.159Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2014-5262
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201607-05 | vendor-advisory, x_refsource_GENTOO | |
http://www.debian.org/security/2014/dsa-3007 | vendor-advisory, x_refsource_DEBIAN | |
https://bugzilla.redhat.com/show_bug.cgi?id=1127165 | x_refsource_MISC | |
http://seclists.org/oss-sec/2014/q3/351 | mailing-list, x_refsource_MLIST | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/95292 | vdb-entry, x_refsource_XF | |
http://svn.cacti.net/viewvc?view=rev&revision=7454 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/69213 | vdb-entry, x_refsource_BID | |
http://seclists.org/oss-sec/2014/q3/386 | mailing-list, x_refsource_MLIST |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:41:48.329Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201607-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-05" }, { "name": "DSA-3007", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-3007" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1127165" }, { "name": "[oss-security] 20140812 CVE id request: cacti remote code execution and SQL injection", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://seclists.org/oss-sec/2014/q3/351" }, { "name": "cacti-multiple-unspecified(95292)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95292" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7454" }, { "name": "69213", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69213" }, { "name": "[oss-security] 20140816 Re: CVE id request: cacti remote code execution and SQL injection", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://seclists.org/oss-sec/2014/q3/386" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-06-28T00:00:00", "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in the graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-07T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "GLSA-201607-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-05" }, { "name": "DSA-3007", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-3007" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1127165" }, { "name": "[oss-security] 20140812 CVE id request: cacti remote code execution and SQL injection", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://seclists.org/oss-sec/2014/q3/351" }, { "name": "cacti-multiple-unspecified(95292)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95292" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7454" }, { "name": "69213", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69213" }, { "name": "[oss-security] 20140816 Re: CVE id request: cacti remote code execution and SQL injection", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://seclists.org/oss-sec/2014/q3/386" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-5262", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SQL injection vulnerability in the graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute 
arbitrary SQL commands via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201607-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-05" }, { "name": "DSA-3007", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-3007" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1127165", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1127165" }, { "name": "[oss-security] 20140812 CVE id request: cacti remote code execution and SQL injection", "refsource": "MLIST", "url": "http://seclists.org/oss-sec/2014/q3/351" }, { "name": "cacti-multiple-unspecified(95292)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95292" }, { "name": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7454", "refsource": "CONFIRM", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7454" }, { "name": "69213", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69213" }, { "name": "[oss-security] 20140816 Re: CVE id request: cacti remote code execution and SQL injection", "refsource": "MLIST", "url": "http://seclists.org/oss-sec/2014/q3/386" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-5262", "datePublished": "2014-08-22T14:00:00", "dateReserved": "2014-08-15T00:00:00", "dateUpdated": "2024-08-06T11:41:48.329Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39360
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:10:20.335Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-gx8c-xvjh-9qh4", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-gx8c-xvjh-9qh4" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.25" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) vulnerability that allows an authenticated user to poison data. The vulnerability is found in `graphs_new.php`. Several validations are performed, but the `returnto` parameter is directly passed to `form_save_button`. In order to bypass this validation, returnto must contain `host.php`. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output."
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-05T20:43:13.193Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-gx8c-xvjh-9qh4", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-gx8c-xvjh-9qh4" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" } ], "source": { "advisory": "GHSA-gx8c-xvjh-9qh4", "discovery": "UNKNOWN" }, "title": "Reflected Cross-site Scripting in graphs_new.php in Cacti" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-39360", "datePublished": "2023-09-05T20:43:13.193Z", "dateReserved": "2023-07-28T13:26:46.480Z", "dateUpdated": "2024-08-02T18:10:20.335Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-43365
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/Cacti/cacti/security/advisories/GHSA-49f2-hwx9-qffr | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "lessThan": "1.2.28", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-43365", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-08T13:58:21.443658Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-08T14:03:16.674Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.28" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open source performance and fault management framework. The `consolenewsection` parameter is not properly sanitized when saving external links in links.php. Moreover, the said consolenewsection parameter is stored in the database and reflected back to the user in `index.php`, finally leading to stored XSS. Users with the privilege to create external links can manipulate the \u201cconsolenewsection\u201d parameter in the HTTP POST request while creating external links to perform stored XSS attacks. The vulnerability known as XSS (Cross-Site Scripting) occurs when an application allows untrusted user input to be displayed on a web page without proper validation or escaping. This issue has been addressed in release version 1.2.28. All users are advised to upgrade. There are no known workarounds for this vulnerability."
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-07T20:38:26.732Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-49f2-hwx9-qffr", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-49f2-hwx9-qffr" } ], "source": { "advisory": "GHSA-49f2-hwx9-qffr", "discovery": "UNKNOWN" }, "title": "Stored Cross-site Scripting (XSS) when creating external links in Cacti" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-43365", "datePublished": "2024-10-07T20:38:26.732Z", "dateReserved": "2024-08-09T14:23:55.512Z", "dateUpdated": "2024-10-08T14:03:16.674Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30268
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/Cacti/cacti/security/advisories/GHSA-9m3v-whmr-pc2q | x_refsource_CONFIRM | |
https://github.com/Cacti/cacti/commit/a38b9046e9772612fda847b46308f9391a49891e | x_refsource_MISC | |
https://github.com/Cacti/cacti/blob/08497b8bcc6a6037f7b1aae303ad8f7dfaf7364e/settings.php#L66 | x_refsource_MISC |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:1.3*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "status": "affected", "version": "1.3.*" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30268", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-13T16:33:01.169282Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:39:38.687Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:06.680Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-9m3v-whmr-pc2q", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-9m3v-whmr-pc2q" }, { "name": "https://github.com/Cacti/cacti/commit/a38b9046e9772612fda847b46308f9391a49891e", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/commit/a38b9046e9772612fda847b46308f9391a49891e" }, { "name": "https://github.com/Cacti/cacti/blob/08497b8bcc6a6037f7b1aae303ad8f7dfaf7364e/settings.php#L66", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/blob/08497b8bcc6a6037f7b1aae303ad8f7dfaf7364e/settings.php#L66" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "= 1.3.x DEV" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. 
A reflected cross-site scripting vulnerability on the 1.3.x DEV branch allows attackers to obtain cookies of administrator and other users and fake their login using obtained cookies. This issue is fixed in commit a38b9046e9772612fda847b46308f9391a49891e." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-13T14:56:18.471Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-9m3v-whmr-pc2q", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-9m3v-whmr-pc2q" }, { "name": "https://github.com/Cacti/cacti/commit/a38b9046e9772612fda847b46308f9391a49891e", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/commit/a38b9046e9772612fda847b46308f9391a49891e" }, { "name": "https://github.com/Cacti/cacti/blob/08497b8bcc6a6037f7b1aae303ad8f7dfaf7364e/settings.php#L66", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/blob/08497b8bcc6a6037f7b1aae303ad8f7dfaf7364e/settings.php#L66" } ], "source": { "advisory": "GHSA-9m3v-whmr-pc2q", "discovery": "UNKNOWN" }, "title": "Cacti XSS vulnerability in display_settings" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-30268", "datePublished": "2024-05-13T14:56:18.471Z", 
"dateReserved": "2024-03-26T12:52:00.935Z", "dateUpdated": "2024-08-02T01:32:06.680Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-31132
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:45:25.782Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-rf5w-pq3f-9876", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-rf5w-pq3f-9876" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "lessThan": "1.2.25", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-31132", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T19:08:43.003041Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T19:32:31.240Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.25" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a privilege escalation vulnerability. 
A low-privileged OS user with access to a Windows host where Cacti is installed can create arbitrary PHP files in a web document directory. The user can then execute the PHP files under the security context of SYSTEM. This allows an attacker to escalate privilege from a normal user account to SYSTEM. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-306", "description": "CWE-306: Missing Authentication for Critical Function", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-05T21:19:22.831Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-rf5w-pq3f-9876", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-rf5w-pq3f-9876" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" } ], "source": { "advisory": "GHSA-rf5w-pq3f-9876", "discovery": "UNKNOWN" }, "title": "Cacti Privilege Escalation" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": 
"GitHub_M", "cveId": "CVE-2023-31132", "datePublished": "2023-09-05T21:19:22.831Z", "dateReserved": "2023-04-24T21:44:10.416Z", "dateUpdated": "2024-09-26T19:32:31.240Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-34340
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T02:51:11.436Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-37x7-mfjv-mm7m", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-37x7-mfjv-mm7m" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "lessThan": "1.2.27", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-34340", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-13T17:13:47.563016Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-21T20:47:27.400Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.27" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, Cacti calls `compat_password_hash` when users set their password. `compat_password_hash` uses `password_hash` if it is available, else it uses `md5`. When verifying a password, it calls `compat_password_verify`. In `compat_password_verify`, `password_verify` is called if it is available, else `md5` is used. `password_verify` and `password_hash` are supported on PHP \u003c 5.5.0, following PHP manual. 
The vulnerability is in `compat_password_verify`. Md5-hashed user input is compared with correct password in database by `$md5 == $hash`. It is a loose comparison, not `===`. It is a type juggling vulnerability. Version 1.2.27 contains a patch for the issue." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-287", "description": "CWE-287: Improper Authentication", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-697", "description": "CWE-697: Incorrect Comparison", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-13T15:26:32.364Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-37x7-mfjv-mm7m", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-37x7-mfjv-mm7m" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "source": { "advisory": "GHSA-37x7-mfjv-mm7m", "discovery": "UNKNOWN" }, "title": "Authentication Bypass when using older password hashes" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-34340", "datePublished": "2024-05-13T15:26:32.364Z", "dateReserved": "2024-05-02T06:36:32.436Z", "dateUpdated": "2024-08-21T20:47:27.400Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-43364
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/Cacti/cacti/security/advisories/GHSA-fgc6-g8gc-wcg5 | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "lessThan": "1.2.28", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-43364", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-08T13:58:27.483677Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-08T14:03:24.571Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.28" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open source performance and fault management framework. The `title` parameter is not properly sanitized when saving external links in links.php. Moreover, the said title parameter is stored in the database and reflected back to user in index.php, finally leading to stored XSS. Users with the privilege to create external links can manipulate the `title` parameter in the http post request while creating external links to perform stored XSS attacks. The vulnerability known as XSS (Cross-Site Scripting) occurs when an application allows untrusted user input to be displayed on a web page without proper validation or escaping. This issue has been addressed in release version 1.2.28. All users are advised to upgrade. There are no known workarounds for this vulnerability." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-07T20:38:24.506Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-fgc6-g8gc-wcg5", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-fgc6-g8gc-wcg5" } ], "source": { "advisory": "GHSA-fgc6-g8gc-wcg5", "discovery": "UNKNOWN" }, "title": "Stored Cross-site Scripting (XSS) when creating external links in Cacti" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-43364", "datePublished": "2024-10-07T20:38:24.506Z", "dateReserved": "2024-08-09T14:23:55.512Z", "dateUpdated": "2024-10-08T14:03:24.571Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-7058
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/Cacti/cacti/issues/3186 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T09:18:02.981Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/3186" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2020-7058", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-11-18T17:48:42.706986Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-18T17:48:50.996Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "data_input.php in Cacti 1.2.8 allows remote code execution via a crafted Input String to Data Collection -\u003e Data Input Methods -\u003e Unix -\u003e Ping Host. NOTE: the vendor has stated \"This is a false alarm." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-01-15T06:03:56", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/issues/3186" } ], "tags": [ "disputed" ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-7058", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "** DISPUTED ** data_input.php in Cacti 1.2.8 allows remote code execution via a crafted Input String to Data Collection -\u003e Data Input Methods -\u003e Unix -\u003e Ping Host. NOTE: the vendor has stated \"This is a false alarm.\"" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Cacti/cacti/issues/3186", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/issues/3186" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-7058", "datePublished": "2020-01-15T06:03:56", "dateReserved": "2020-01-15T00:00:00", "dateUpdated": "2024-11-18T17:48:50.996Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-2313
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://security.gentoo.org/glsa/201607-05 | vendor-advisory, x_refsource_GENTOO | |
http://www.securitytracker.com/id/1037745 | vdb-entry, x_refsource_SECTRACK | |
http://lists.opensuse.org/opensuse-updates/2016-02/msg00078.html | vendor-advisory, x_refsource_SUSE | |
http://www.cacti.net/release_notes_0_8_8g.php | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-updates/2016-02/msg00077.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-updates/2016-02/msg00080.html | vendor-advisory, x_refsource_SUSE | |
http://bugs.cacti.net/view.php?id=2656 | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/201711-10 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T23:24:48.943Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201607-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-05" }, { "name": "1037745", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037745" }, { "name": "openSUSE-SU-2016:0438", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00078.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.cacti.net/release_notes_0_8_8g.php" }, { "name": "openSUSE-SU-2016:0437", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00077.html" }, { "name": "openSUSE-SU-2016:0440", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00080.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.cacti.net/view.php?id=2656" }, { "name": "GLSA-201711-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201711-10" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-12T00:00:00", "descriptions": [ { "lang": "en", "value": "auth_login.php in Cacti before 0.8.8g allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-01-06T16:16:00", "orgId": "f81092c5-7f14-476d-80dc-24857f90be84", "shortName": "microfocus" }, "references": [ { "name": "GLSA-201607-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-05" }, { "name": "1037745", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037745" }, { "name": "openSUSE-SU-2016:0438", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00078.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.cacti.net/release_notes_0_8_8g.php" }, { "name": "openSUSE-SU-2016:0437", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00077.html" }, { "name": "openSUSE-SU-2016:0440", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00080.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.cacti.net/view.php?id=2656" }, { "name": "GLSA-201711-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201711-10" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@microfocus.com", "ID": "CVE-2016-2313", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "auth_login.php in Cacti before 0.8.8g allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201607-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-05" }, { "name": "1037745", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037745" }, { "name": "openSUSE-SU-2016:0438", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00078.html" }, { "name": "http://www.cacti.net/release_notes_0_8_8g.php", "refsource": "CONFIRM", "url": "http://www.cacti.net/release_notes_0_8_8g.php" }, { "name": "openSUSE-SU-2016:0437", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00077.html" }, { "name": "openSUSE-SU-2016:0440", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00080.html" }, { "name": "http://bugs.cacti.net/view.php?id=2656", "refsource": "CONFIRM", "url": "http://bugs.cacti.net/view.php?id=2656" }, { "name": "GLSA-201711-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201711-10" } ] } } } }, "cveMetadata": { "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84", "assignerShortName": "microfocus", "cveId": "CVE-2016-2313", "datePublished": "2016-04-13T17:00:00", "dateReserved": "2016-02-10T00:00:00", "dateUpdated": "2024-08-05T23:24:48.943Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-48547
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:17:54.804Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/1882" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-48547", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-03T14:09:10.018923Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-03T14:09:19.037Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A reflected cross-site scripting (XSS) vulnerability in Cacti 0.8.7g and earlier allows unauthenticated remote attackers to inject arbitrary web script or HTML in the \"ref\" parameter at auth_changepassword.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-22T15:45:23.916057", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/Cacti/cacti/issues/1882" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-48547", "datePublished": "2023-08-22T00:00:00", "dateReserved": "2023-07-23T00:00:00", "dateUpdated": "2024-10-03T14:09:19.037Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-49088
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T21:46:29.327Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x" }, { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h" }, { "name": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c= 1.2.25" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in `data_debug.php`. To perform the cross-site scripting attack, the adversary needs to be an authorized cacti user with the following permissions: `General Administration\u003eSites/Devices/Data`. The victim of this attack could be any account with permissions to view `http://\u003cHOST\u003e/cacti/data_debug.php`. 
As of time of publication, no complete fix has been included in Cacti." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-22T16:16:53.348Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x" }, { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h" }, { "name": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "source": { "advisory": "GHSA-q7g7-gcf6-wh4x", "discovery": "UNKNOWN" }, "title": "Cacti has incomplete fix for CVE-2023-39515" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-49088", "datePublished": 
"2023-12-22T16:16:53.348Z", "dateReserved": "2023-11-21T18:57:30.429Z", "dateUpdated": "2024-08-02T21:46:29.327Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-23226
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T14:58:14.958Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/3549" }, { "name": "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" }, { "name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3252-1] cacti security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Multiple Cross Site Scripting (XSS) vulnerabilities exist in Cacti 1.2.12 in (1) reports_admin.php, (2) data_queries.php, (3) data_input.php, (4) graph_templates.php, (5) graphs.php, (6) reports_admin.php, and (7) data_input.php." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-31T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/Cacti/cacti/issues/3549" }, { "name": "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" }, { "name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3252-1] cacti security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-23226", "datePublished": "2021-08-27T00:00:00", "dateReserved": "2020-08-13T00:00:00", "dateUpdated": "2024-08-04T14:58:14.958Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2014-5025
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.debian.org/security/2014/dsa-3007 | vendor-advisory, x_refsource_DEBIAN | |
http://bugs.cacti.net/view.php?id=2456 | x_refsource_CONFIRM | |
http://www.openwall.com/lists/oss-security/2014/07/22/9 | mailing-list, x_refsource_MLIST | |
http://www.securityfocus.com/bid/68759 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html | vendor-advisory, x_refsource_SUSE | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/94814 | vdb-entry, x_refsource_XF | |
https://security.gentoo.org/glsa/201509-03 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:34:37.366Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-3007", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-3007" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.cacti.net/view.php?id=2456" }, { "name": "[oss-security] 20140722 Re: CVE request: cacti XSS", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2014/07/22/9" }, { "name": "68759", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/68759" }, { "name": "openSUSE-SU-2015:0479", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "name": "cacti-cve20145025-xss(94814)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94814" }, { "name": "GLSA-201509-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201509-03" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-07-04T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in data_sources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the name_cache parameter in a ds_edit action." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-3007", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-3007" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.cacti.net/view.php?id=2456" }, { "name": "[oss-security] 20140722 Re: CVE request: cacti XSS", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2014/07/22/9" }, { "name": "68759", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/68759" }, { "name": "openSUSE-SU-2015:0479", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "name": "cacti-cve20145025-xss(94814)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94814" }, { "name": "GLSA-201509-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201509-03" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-5025", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in data_sources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the name_cache parameter in a ds_edit action." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-3007", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-3007" }, { "name": "http://bugs.cacti.net/view.php?id=2456", "refsource": "CONFIRM", "url": "http://bugs.cacti.net/view.php?id=2456" }, { "name": "[oss-security] 20140722 Re: CVE request: cacti XSS", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2014/07/22/9" }, { "name": "68759", "refsource": "BID", "url": "http://www.securityfocus.com/bid/68759" }, { "name": "openSUSE-SU-2015:0479", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "name": "cacti-cve20145025-xss(94814)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94814" }, { "name": "GLSA-201509-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201509-03" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-5025", "datePublished": "2014-10-20T17:00:00", "dateReserved": "2014-07-22T00:00:00", "dateUpdated": "2024-08-06T11:34:37.366Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-23225
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.cacti.net/info/changelog | x_refsource_MISC | |
https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html | mailing-list, x_refsource_MLIST |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T19:05:54.697Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.cacti.net/info/changelog" }, { "name": "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Cacti", "vendor": "n/a", "versions": [ { "status": "affected", "version": "1.1.38" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary web script or HTML in the \"new_username\" field during creation of a new user via \"Copy\" method at user_admin.php." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-29T23:06:15", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.cacti.net/info/changelog" }, { "name": "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-23225", "datePublished": "2022-01-19T20:38:52", "dateReserved": "2021-10-18T00:00:00", "dateUpdated": "2024-08-03T19:05:54.697Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2010-2543
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.mandriva.com/security/advisories?name=MDVSA-2010:160 | vendor-advisory, x_refsource_MANDRIVA | |
http://marc.info/?l=oss-security&m=127978954522586&w=2 | mailing-list, x_refsource_MLIST | |
https://bugzilla.redhat.com/show_bug.cgi?id=541279 | x_refsource_CONFIRM | |
http://cacti.net/release_notes_0_8_7g.php | x_refsource_CONFIRM | |
http://marc.info/?l=oss-security&m=128017203704299&w=2 | mailing-list, x_refsource_MLIST | |
http://svn.cacti.net/viewvc?view=rev&revision=6025 | x_refsource_CONFIRM | |
http://svn.cacti.net/viewvc/cacti/branches/0.8.7/include/top_graph_header.php?r1=6025&r2=6024 | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T02:39:37.047Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MDVSA-2010:160", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160" }, { "name": "[oss-security] 20100722 Cacti XSS fixes in 0.8.7g", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=oss-security\u0026m=127978954522586\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=541279" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://cacti.net/release_notes_0_8_7g.php" }, { "name": "[oss-security] 20100726 Re: Cacti XSS fixes in 0.8.7g", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=oss-security\u0026m=128017203704299\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6025" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.cacti.net/viewvc/cacti/branches/0.8.7/include/top_graph_header.php?r1=6025\u0026r2=6024" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-07-22T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in include/top_graph_header.php in Cacti before 0.8.7g allows remote attackers to inject arbitrary web script or HTML via the graph_start parameter to graph.php. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-4032.2.b." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2012-02-16T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "MDVSA-2010:160", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160" }, { "name": "[oss-security] 20100722 Cacti XSS fixes in 0.8.7g", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=oss-security\u0026m=127978954522586\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=541279" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://cacti.net/release_notes_0_8_7g.php" }, { "name": "[oss-security] 20100726 Re: Cacti XSS fixes in 0.8.7g", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=oss-security\u0026m=128017203704299\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6025" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc/cacti/branches/0.8.7/include/top_graph_header.php?r1=6025\u0026r2=6024" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-2543", "datePublished": "2010-08-23T20:00:00", "dateReserved": "2010-06-30T00:00:00", "dateUpdated": "2024-08-07T02:39:37.047Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-12065
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://cacti.net/release_notes.php?version=1.1.16 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/100080 | vdb-entry, x_refsource_BID | |
https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e | x_refsource_CONFIRM | |
https://github.com/Cacti/cacti/issues/877 | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/201711-10 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T18:28:15.671Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cacti.net/release_notes.php?version=1.1.16" }, { "name": "100080", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/100080" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/877" }, { "name": "GLSA-201711-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201711-10" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-07-31T00:00:00", "descriptions": [ { "lang": "en", "value": "spikekill.php in Cacti before 1.1.16 might allow remote attackers to execute arbitrary code via the avgnan, outlier-start, or outlier-end parameter." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-11-12T10:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cacti.net/release_notes.php?version=1.1.16" }, { "name": "100080", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/100080" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/issues/877" }, { "name": "GLSA-201711-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201711-10" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-12065", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "spikekill.php in Cacti before 1.1.16 might allow remote attackers to execute arbitrary code via the avgnan, outlier-start, or outlier-end parameter." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://cacti.net/release_notes.php?version=1.1.16", "refsource": "CONFIRM", "url": "https://cacti.net/release_notes.php?version=1.1.16" }, { "name": "100080", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100080" }, { "name": "https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e", "refsource": "CONFIRM", "url": "https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e" }, { "name": "https://github.com/Cacti/cacti/issues/877", "refsource": "CONFIRM", "url": "https://github.com/Cacti/cacti/issues/877" }, { "name": "GLSA-201711-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201711-10" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-12065", "datePublished": "2017-08-01T05:00:00", "dateReserved": "2017-07-31T00:00:00", "dateUpdated": "2024-08-05T18:28:15.671Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-37543
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:16:30.243Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-4x82-8w8m-w8hj" }, { "tags": [ "x_transferred" ], "url": "https://medium.com/%40hussainfathy99/exciting-news-my-first-cve-discovery-cve-2023-37543-idor-vulnerability-in-cacti-bbb6c386afed" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-37543", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-09T20:34:34.627078Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-09T20:34:46.791Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti before 1.2.6 allows IDOR (Insecure Direct Object Reference) for accessing any graph via a modified local_graph_id parameter to graph_xport.php. This is a different vulnerability than CVE-2019-16723." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-10T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-4x82-8w8m-w8hj" }, { "url": "https://medium.com/%40hussainfathy99/exciting-news-my-first-cve-discovery-cve-2023-37543-idor-vulnerability-in-cacti-bbb6c386afed" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-37543", "datePublished": "2023-08-10T00:00:00", "dateReserved": "2023-07-06T00:00:00", "dateUpdated": "2024-10-09T20:34:46.791Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-49084
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T21:46:29.043Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-pfh9-gwm6-86vp", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-pfh9-gwm6-86vp" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/176995/Cacti-pollers.php-SQL-Injection-Remote-Code-Execution.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "= 1.2.25" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). While using the detected SQL Injection and insufficient processing of the include file path, it is possible to execute arbitrary code on the server. Exploitation of the vulnerability is possible for an authorized user. The vulnerable component is the `link.php`. Impact of the vulnerability execution of arbitrary code on the server. 
" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-98", "description": "CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program (\u0027PHP Remote File Inclusion\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-21T23:04:44.219Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-pfh9-gwm6-86vp", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-pfh9-gwm6-86vp" }, { "url": "http://packetstormsecurity.com/files/176995/Cacti-pollers.php-SQL-Injection-Remote-Code-Execution.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "source": { "advisory": "GHSA-pfh9-gwm6-86vp", "discovery": "UNKNOWN" }, "title": "Local File Inclusion (RCE) in Cacti" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-49084", "datePublished": "2023-12-21T23:04:44.219Z", "dateReserved": "2023-11-21T18:57:30.428Z", "dateUpdated": "2024-08-02T21:46:29.043Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-31459
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "lessThan": "1.2.27", "status": "affected", "version": "-", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-31459", "options": [ { "Exploitation": "PoC" }, { "Automatable": "No" }, { "Technical Impact": "Total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-17T04:00:41.024822Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:37:02.148Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:52:57.038Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv" }, { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r" }, { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-pfh9-gwm6-86vp", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-pfh9-gwm6-86vp" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.27" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management 
framework. Prior to version 1.2.27, there is a file inclusion issue in the `lib/plugin.php` file. Combined with SQL injection vulnerabilities, remote code execution can be implemented. There is a file inclusion issue with the `api_plugin_hook()` function in the `lib/plugin.php` file, which reads the plugin_hooks and plugin_config tables in database. The read data is directly used to concatenate the file path which is used for file inclusion. Version 1.2.27 contains a patch for the issue." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-98", "description": "CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program (\u0027PHP Remote File Inclusion\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-13T15:11:37.909Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv" }, { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r" }, { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-pfh9-gwm6-86vp", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-pfh9-gwm6-86vp" }, { "url": 
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "source": { "advisory": "GHSA-cx8g-hvq8-p2rv", "discovery": "UNKNOWN" }, "title": "Cacti RCE vulnerability by file include in lib/plugin.php " } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-31459", "datePublished": "2024-05-13T15:11:37.909Z", "dateReserved": "2024-04-03T17:55:32.647Z", "dateUpdated": "2024-08-02T01:52:57.038Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2011-4824
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://bugs.cacti.net/view.php?id=2062 | x_refsource_CONFIRM | |
http://secunia.com/advisories/46876 | third-party-advisory, x_refsource_SECUNIA | |
http://forums.cacti.net/viewtopic.php?f=21&t=44116 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/50671 | vdb-entry, x_refsource_BID | |
http://www.cacti.net/release_notes_0_8_7h.php | x_refsource_CONFIRM | |
http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069141.html | vendor-advisory, x_refsource_FEDORA | |
http://svn.cacti.net/viewvc?view=rev&revision=6807 | x_refsource_CONFIRM | |
http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069137.html | vendor-advisory, x_refsource_FEDORA | |
http://secunia.com/advisories/44133 | third-party-advisory, x_refsource_SECUNIA | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/71326 | vdb-entry, x_refsource_XF | |
http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069126.html | vendor-advisory, x_refsource_FEDORA |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T00:16:34.974Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.cacti.net/view.php?id=2062" }, { "name": "46876", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/46876" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=44116" }, { "name": "50671", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/50671" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.cacti.net/release_notes_0_8_7h.php" }, { "name": "FEDORA-2011-15071", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069141.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6807" }, { "name": "FEDORA-2011-15110", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069137.html" }, { "name": "44133", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/44133" }, { "name": "cacti-unspecified-sql-injection(71326)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71326" }, { "name": "FEDORA-2011-15032", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069126.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], 
"datePublic": "2011-11-15T00:00:00", "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.cacti.net/view.php?id=2062" }, { "name": "46876", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/46876" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=44116" }, { "name": "50671", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/50671" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.cacti.net/release_notes_0_8_7h.php" }, { "name": "FEDORA-2011-15071", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069141.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6807" }, { "name": "FEDORA-2011-15110", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069137.html" }, { "name": "44133", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/44133" }, { "name": "cacti-unspecified-sql-injection(71326)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71326" }, { "name": "FEDORA-2011-15032", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069126.html" } ], "x_legacyV4Record": { 
"CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-4824", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://bugs.cacti.net/view.php?id=2062", "refsource": "CONFIRM", "url": "http://bugs.cacti.net/view.php?id=2062" }, { "name": "46876", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/46876" }, { "name": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=44116", "refsource": "CONFIRM", "url": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=44116" }, { "name": "50671", "refsource": "BID", "url": "http://www.securityfocus.com/bid/50671" }, { "name": "http://www.cacti.net/release_notes_0_8_7h.php", "refsource": "CONFIRM", "url": "http://www.cacti.net/release_notes_0_8_7h.php" }, { "name": "FEDORA-2011-15071", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069141.html" }, { "name": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6807", "refsource": "CONFIRM", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6807" }, { "name": "FEDORA-2011-15110", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069137.html" }, { "name": "44133", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/44133" }, { "name": "cacti-unspecified-sql-injection(71326)", "refsource": "XF", "url": 
"https://exchange.xforce.ibmcloud.com/vulnerabilities/71326" }, { "name": "FEDORA-2011-15032", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069126.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-4824", "datePublished": "2011-12-15T02:00:00", "dateReserved": "2011-12-14T00:00:00", "dateUpdated": "2024-08-07T00:16:34.974Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2008-0784
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T07:54:23.315Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FEDORA-2008-1737", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html" }, { "name": "29242", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29242" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432758" }, { "name": "3657", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/3657" }, { "name": "SUSE-SR:2008:005", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "name": "GLSA-200803-18", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200803-18.xml" }, { "name": "28872", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28872" }, { "name": "MDVSA-2008:052", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:052" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.cacti.net/release_notes_0_8_7b.php" }, { "name": "29274", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29274" }, { "name": "20080212 cacti -- Multiple security vulnerabilities have been discovered", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/488013/100/0/threaded" }, { "name": "ADV-2008-0540", "tags": [ "vdb-entry", 
"x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0540" }, { "name": "27749", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/27749" }, { "name": "28976", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28976" }, { "name": "FEDORA-2008-1699", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html" }, { "name": "1019414", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1019414" }, { "name": "20080212 Cacti 0.8.7a Multiple Vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/488018/100/0/threaded" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2008-02-12T00:00:00", "descriptions": [ { "lang": "en", "value": "graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allows remote attackers to obtain the full path via an invalid local_graph_id parameter and other unspecified vectors." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FEDORA-2008-1737", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html" }, { "name": "29242", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29242" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432758" }, { "name": "3657", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/3657" }, { "name": "SUSE-SR:2008:005", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "name": "GLSA-200803-18", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200803-18.xml" }, { "name": "28872", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28872" }, { "name": "MDVSA-2008:052", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:052" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.cacti.net/release_notes_0_8_7b.php" }, { "name": "29274", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29274" }, { "name": "20080212 cacti -- Multiple security vulnerabilities have been discovered", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/488013/100/0/threaded" }, { "name": "ADV-2008-0540", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0540" }, { "name": "27749", "tags": [ "vdb-entry", 
"x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/27749" }, { "name": "28976", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28976" }, { "name": "FEDORA-2008-1699", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html" }, { "name": "1019414", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1019414" }, { "name": "20080212 Cacti 0.8.7a Multiple Vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/488018/100/0/threaded" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-0784", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allows remote attackers to obtain the full path via an invalid local_graph_id parameter and other unspecified vectors." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FEDORA-2008-1737", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html" }, { "name": "29242", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29242" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=432758", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432758" }, { "name": "3657", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3657" }, { "name": "SUSE-SR:2008:005", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "name": "GLSA-200803-18", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200803-18.xml" }, { "name": "28872", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28872" }, { "name": "MDVSA-2008:052", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:052" }, { "name": "http://www.cacti.net/release_notes_0_8_7b.php", "refsource": "CONFIRM", "url": "http://www.cacti.net/release_notes_0_8_7b.php" }, { "name": "29274", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29274" }, { "name": "20080212 cacti -- Multiple security vulnerabilities have been discovered", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/488013/100/0/threaded" }, { "name": "ADV-2008-0540", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0540" }, { "name": "27749", "refsource": "BID", "url": "http://www.securityfocus.com/bid/27749" }, { "name": "28976", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28976" }, { "name": "FEDORA-2008-1699", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html" }, { "name": "1019414", "refsource": 
"SECTRACK", "url": "http://www.securitytracker.com/id?1019414" }, { "name": "20080212 Cacti 0.8.7a Multiple Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/488018/100/0/threaded" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-0784", "datePublished": "2008-02-14T22:00:00", "dateReserved": "2008-02-14T00:00:00", "dateUpdated": "2024-08-07T07:54:23.315Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-50569
Vulnerability from cvelistv5
DO NOT USE THIS CVE RECORD. Consult IDs: CVE-2023-50250. Reason: This record is a reservation duplicate of CVE-2023-50250. Notes: All CVE users should reference CVE-2023-50250 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.
{ "containers": { "cna": { "providerMetadata": { "dateUpdated": "2024-08-15T16:03:42.279606", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "rejectedReasons": [ { "lang": "en", "value": "DO NOT USE THIS CVE RECORD. Consult IDs: CVE-2023-50250. Reason: This record is a reservation duplicate of CVE-2023-50250. Notes: All CVE users should reference CVE-2023-50250 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage." } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-50569", "datePublished": "2023-12-22T00:00:00", "dateRejected": "2024-08-15T00:00:00", "dateReserved": "2023-12-11T00:00:00", "dateUpdated": "2024-08-15T16:03:42.279606", "state": "REJECTED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-10059
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/Cacti/cacti/issues/1457 | x_refsource_MISC | |
https://www.cacti.net/changelog.php | x_refsource_MISC | |
http://www.securitytracker.com/id/1040620 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T07:32:00.871Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/1457" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.cacti.net/changelog.php" }, { "name": "1040620", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1040620" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-04-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Cacti before 1.1.37 has XSS because the get_current_page function in lib/functions.php relies on $_SERVER[\u0027PHP_SELF\u0027] instead of $_SERVER[\u0027SCRIPT_NAME\u0027] to determine a page name." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-04-26T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/issues/1457" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.cacti.net/changelog.php" }, { "name": "1040620", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1040620" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-10059", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cacti before 1.1.37 has XSS 
because the get_current_page function in lib/functions.php relies on $_SERVER[\u0027PHP_SELF\u0027] instead of $_SERVER[\u0027SCRIPT_NAME\u0027] to determine a page name." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Cacti/cacti/issues/1457", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/issues/1457" }, { "name": "https://www.cacti.net/changelog.php", "refsource": "MISC", "url": "https://www.cacti.net/changelog.php" }, { "name": "1040620", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040620" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-10059", "datePublished": "2018-04-12T16:00:00", "dateReserved": "2018-04-12T00:00:00", "dateUpdated": "2024-08-05T07:32:00.871Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-16660
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/Cacti/cacti/issues/1066 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T20:27:04.418Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/1066" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remote_agent.php request containing PHP code in a Client-ip header." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-11-08T05:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/issues/1066" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-16660", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remote_agent.php request containing PHP code in a Client-ip header." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Cacti/cacti/issues/1066", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/issues/1066" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-16660", "datePublished": "2017-11-08T05:00:00Z", "dateReserved": "2017-11-07T00:00:00Z", "dateUpdated": "2024-09-16T17:03:51.376Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-49086
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T21:46:29.106Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-wc73-r2vw-59pr", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-wc73-r2vw-59pr" }, { "name": "https://github.com/Cacti/cacti/commit/6ec01c8b2983bf4fcb86f8c647655f74090b5be9", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/commit/6ec01c8b2983bf4fcb86f8c647655f74090b5be9" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.27" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). A vulnerability in versions prior to 1.2.27 bypasses an earlier fix for CVE-2023-39360, therefore leading to a DOM XSS attack. Exploitation of the vulnerability is possible for an authorized user. The vulnerable component is the `graphs_new.php`. The impact of the vulnerability is execution of arbitrary JavaScript code in the attacked user\u0027s browser. 
This issue has been patched in version 1.2.27.\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-03T12:54:31.990Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-wc73-r2vw-59pr", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-wc73-r2vw-59pr" }, { "name": "https://github.com/Cacti/cacti/commit/6ec01c8b2983bf4fcb86f8c647655f74090b5be9", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/commit/6ec01c8b2983bf4fcb86f8c647655f74090b5be9" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "source": { "advisory": "GHSA-wc73-r2vw-59pr", "discovery": "UNKNOWN" }, "title": "Cacti is vulnerable to cross-Site scripting (XSS) DOM " } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-49086", "datePublished": "2023-12-21T23:29:45.134Z", "dateReserved": "2023-11-21T18:57:30.428Z", "dateUpdated": "2024-08-02T21:46:29.106Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-29895
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:1.3.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "status": "affected", "version": "1.3.0" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-29895", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-13T17:31:11.680843Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:56:45.934Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:17:58.192Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-cr28-x256-xf5m", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-cr28-x256-xf5m" }, { "name": "https://github.com/Cacti/cacti/commit/53e8014d1f082034e0646edc6286cde3800c683d", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/commit/53e8014d1f082034e0646edc6286cde3800c683d" }, { "name": "https://github.com/Cacti/cacti/commit/99633903cad0de5ace636249de16f77e57a3c8fc", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/commit/99633903cad0de5ace636249de16f77e57a3c8fc" }, { "name": "https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/cmd_realtime.php#L119", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/cmd_realtime.php#L119" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "= 1.3.x DEV" } ] } ], "descriptions": [ { 
"lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary command on the server when `register_argc_argv` option of PHP is `On`. In `cmd_realtime.php` line 119, the `$poller_id` used as part of the command execution is sourced from `$_SERVER[\u0027argv\u0027]`, which can be controlled by URL when `register_argc_argv` option of PHP is `On`. And this option is `On` by default in many environments such as the main PHP Docker image for PHP. Commit 53e8014d1f082034e0646edc6286cde3800c683d contains a patch for the issue, but this commit was reverted in commit 99633903cad0de5ace636249de16f77e57a3c8fc." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-77", "description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-13T14:33:27.594Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-cr28-x256-xf5m", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-cr28-x256-xf5m" }, { "name": "https://github.com/Cacti/cacti/commit/53e8014d1f082034e0646edc6286cde3800c683d", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/commit/53e8014d1f082034e0646edc6286cde3800c683d" }, { "name": 
"https://github.com/Cacti/cacti/commit/99633903cad0de5ace636249de16f77e57a3c8fc", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/commit/99633903cad0de5ace636249de16f77e57a3c8fc" }, { "name": "https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/cmd_realtime.php#L119", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/cmd_realtime.php#L119" } ], "source": { "advisory": "GHSA-cr28-x256-xf5m", "discovery": "UNKNOWN" }, "title": "Cacti command injection in cmd_realtime.php" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-29895", "datePublished": "2024-05-13T14:33:27.594Z", "dateReserved": "2024-03-21T15:12:08.998Z", "dateUpdated": "2024-08-02T01:17:58.192Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39513
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:10:21.138Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-9fj7-8f2j-2rw2", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-9fj7-8f2j-2rw2" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5550" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.25" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_\u0027s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim\u0027s browser at view-time. The script under `host.php` is used to monitor and manage hosts in the _cacti_ app, hence displays useful information such as data queries and verbose logs. 
_CENSUS_ found that an adversary that is able to configure a data-query template with malicious code appended in the template path, in order to deploy a stored XSS attack against any user with the _General Administration\u003eSites/Devices/Data_ privileges. A user that possesses the _Template Editor\u003eData Queries_ permissions can configure the data query template path in _cacti_. Please note that such a user may be a low privileged user. This configuration occurs through `http://\u003cHOST\u003e/cacti/data_queries.php` by editing an existing or adding a new data query template. If a template is linked to a device then the formatted template path will be rendered in the device\u0027s management page, when a _verbose data query_ is requested. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-05T20:15:25.776Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-9fj7-8f2j-2rw2", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-9fj7-8f2j-2rw2" }, { "url": 
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "url": "https://www.debian.org/security/2023/dsa-5550" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" } ], "source": { "advisory": "GHSA-9fj7-8f2j-2rw2", "discovery": "UNKNOWN" }, "title": "Stored Cross-site Scripting on host.php verbose data-query debug view in Cacti" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-39513", "datePublished": "2023-09-05T20:15:25.776Z", "dateReserved": "2023-08-03T16:27:36.261Z", "dateUpdated": "2024-08-02T18:10:21.138Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2014-2328
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html | vendor-advisory, x_refsource_FEDORA | |
http://bugs.cacti.net/view.php?id=2433 | x_refsource_CONFIRM | |
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768 | x_refsource_CONFIRM | |
http://svn.cacti.net/viewvc?view=rev&revision=7442 | x_refsource_CONFIRM | |
http://www.securityfocus.com/archive/1/531588 | mailing-list, x_refsource_BUGTRAQ | |
http://secunia.com/advisories/59203 | third-party-advisory, x_refsource_SECUNIA | |
http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html | vendor-advisory, x_refsource_SUSE | |
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html | vendor-advisory, x_refsource_FEDORA | |
http://www.debian.org/security/2014/dsa-2970 | vendor-advisory, x_refsource_DEBIAN | |
https://security.gentoo.org/glsa/201509-03 | vendor-advisory, x_refsource_GENTOO | |
http://www.securityfocus.com/bid/66387 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T10:14:25.109Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FEDORA-2014-4928", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.cacti.net/view.php?id=2433" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7442" }, { "name": "20140324 Deutsche Telekom CERT Advisory [DTC-A-20140324-001] vulnerabilities in cacti", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/531588" }, { "name": "59203", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59203" }, { "name": "openSUSE-SU-2015:0479", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "name": "FEDORA-2014-4892", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html" }, { "name": "DSA-2970", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-2970" }, { "name": "GLSA-201509-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201509-03" }, { "name": "66387", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/66387" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", 
"versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-03-24T00:00:00", "descriptions": [ { "lang": "en", "value": "lib/graph_export.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-20T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FEDORA-2014-4928", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.cacti.net/view.php?id=2433" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7442" }, { "name": "20140324 Deutsche Telekom CERT Advisory [DTC-A-20140324-001] vulnerabilities in cacti", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/531588" }, { "name": "59203", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59203" }, { "name": "openSUSE-SU-2015:0479", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "name": "FEDORA-2014-4892", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html" }, { "name": "DSA-2970", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-2970" }, { "name": "GLSA-201509-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201509-03" }, { "name": 
"66387", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/66387" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-2328", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "lib/graph_export.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FEDORA-2014-4928", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html" }, { "name": "http://bugs.cacti.net/view.php?id=2433", "refsource": "CONFIRM", "url": "http://bugs.cacti.net/view.php?id=2433" }, { "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768", "refsource": "CONFIRM", "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "name": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7442", "refsource": "CONFIRM", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7442" }, { "name": "20140324 Deutsche Telekom CERT Advisory [DTC-A-20140324-001] vulnerabilities in cacti", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/531588" }, { "name": "59203", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59203" }, { "name": "openSUSE-SU-2015:0479", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "name": "FEDORA-2014-4892", "refsource": "FEDORA", "url": 
"http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html" }, { "name": "DSA-2970", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-2970" }, { "name": "GLSA-201509-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201509-03" }, { "name": "66387", "refsource": "BID", "url": "http://www.securityfocus.com/bid/66387" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-2328", "datePublished": "2014-04-23T14:00:00", "dateReserved": "2014-03-12T00:00:00", "dateUpdated": "2024-08-06T10:14:25.109Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-10060
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
https://github.com/Cacti/cacti/issues/1457 | x_refsource_MISC | |
https://www.cacti.net/changelog.php | x_refsource_MISC | |
http://www.securitytracker.com/id/1040620 | vdb-entry, x_refsource_SECTRACK | |
https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html | mailing-list, x_refsource_MLIST |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T07:32:00.865Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/1457" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.cacti.net/changelog.php" }, { "name": "1040620", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1040620" }, { "name": "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-04-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Cacti before 1.1.37 has XSS because it does not properly reject unintended characters, related to use of the sanitize_uri function in lib/functions.php." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-29T23:06:14", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/issues/1457" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.cacti.net/changelog.php" }, { "name": "1040620", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1040620" }, { "name": "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-10060", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cacti before 1.1.37 has XSS because it does not properly reject unintended characters, related to use of the sanitize_uri function in lib/functions.php." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Cacti/cacti/issues/1457", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/issues/1457" }, { "name": "https://www.cacti.net/changelog.php", "refsource": "MISC", "url": "https://www.cacti.net/changelog.php" }, { "name": "1040620", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040620" }, { "name": "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-10060", "datePublished": "2018-04-12T16:00:00", "dateReserved": "2018-04-12T00:00:00", "dateUpdated": "2024-08-05T07:32:00.865Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-27082
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
https://github.com/Cacti/cacti/security/advisories/GHSA-j868-7vjp-rp9h | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "lessThan": "1.2.27", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-27082", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-13T14:24:32.093553Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:47:23.551Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:27:57.834Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-j868-7vjp-rp9h", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-j868-7vjp-rp9h" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.27" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. Versions of Cacti prior to 1.2.27 are vulnerable to stored cross-site scripting, a type of cross-site scripting where malicious scripts are permanently stored on a target server and served to users who access a particular page. Version 1.2.27 contains a patch for the issue." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-13T13:49:10.484Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-j868-7vjp-rp9h", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-j868-7vjp-rp9h" } ], "source": { "advisory": "GHSA-j868-7vjp-rp9h", "discovery": "UNKNOWN" }, "title": "Cacti Cross-site Scripting vulnerability when managing trees" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-27082", "datePublished": "2024-05-13T13:49:10.484Z", "dateReserved": "2024-02-19T14:43:05.991Z", "dateUpdated": "2024-08-02T00:27:57.834Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-8369
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
https://security.gentoo.org/glsa/201607-05 | vendor-advisory, x_refsource_GENTOO | |
http://bugs.cacti.net/view.php?id=2646 | x_refsource_MISC | |
http://packetstormsecurity.com/files/134724/Cacti-0.8.8f-SQL-Injection.html | x_refsource_MISC | |
http://www.debian.org/security/2015/dsa-3423 | vendor-advisory, x_refsource_DEBIAN | |
http://seclists.org/fulldisclosure/2015/Dec/8 | mailing-list, x_refsource_FULLDISC | |
http://www.securitytracker.com/id/1034497 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:13:32.542Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201607-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-05" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://bugs.cacti.net/view.php?id=2646" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/134724/Cacti-0.8.8f-SQL-Injection.html" }, { "name": "DSA-3423", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3423" }, { "name": "20151209 [CVE-2015-8369] Cacti SQL injection in graph.php", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2015/Dec/8" }, { "name": "1034497", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034497" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-09T00:00:00", "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in include/top_graph_header.php in Cacti 0.8.8f and earlier allows remote attackers to execute arbitrary SQL commands via the rra_id parameter in a properties action to graph.php." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-05T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "GLSA-201607-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-05" }, { "tags": [ "x_refsource_MISC" ], "url": "http://bugs.cacti.net/view.php?id=2646" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/134724/Cacti-0.8.8f-SQL-Injection.html" }, { "name": "DSA-3423", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3423" }, { "name": "20151209 [CVE-2015-8369] Cacti SQL injection in graph.php", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2015/Dec/8" }, { "name": "1034497", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034497" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-8369", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SQL injection vulnerability in include/top_graph_header.php in Cacti 0.8.8f and earlier allows remote attackers to execute arbitrary SQL commands via the rra_id parameter in a properties action to graph.php." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201607-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-05" }, { "name": "http://bugs.cacti.net/view.php?id=2646", "refsource": "MISC", "url": "http://bugs.cacti.net/view.php?id=2646" }, { "name": "http://packetstormsecurity.com/files/134724/Cacti-0.8.8f-SQL-Injection.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/134724/Cacti-0.8.8f-SQL-Injection.html" }, { "name": "DSA-3423", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3423" }, { "name": "20151209 [CVE-2015-8369] Cacti SQL injection in graph.php", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2015/Dec/8" }, { "name": "1034497", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034497" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-8369", "datePublished": "2015-12-17T19:00:00", "dateReserved": "2015-11-27T00:00:00", "dateUpdated": "2024-08-06T08:13:32.542Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0730
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:40:03.539Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/4562" }, { "name": "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" }, { "name": "FEDORA-2022-6a7e259e15", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZJERS4NYIGJUXEGT6ATUQA4CBYBRDLRA/" }, { "name": "FEDORA-2022-e619e3d5d0", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RVOALVZSCBFNOAAZVHTJFSFB7UDSNYQ2/" }, { "name": "FEDORA-2022-70f5c7ff72", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZH67CCORDEYFG7NL7G6UH47PAV2PU7BA/" }, { "name": "DSA-5298", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5298" }, { "name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3252-1] cacti security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Cati", "vendor": "n/a", "versions": [ { "status": "affected", "version": "1.2.19" } ] } ], "descriptions": [ { "lang": "en", "value": "Under certain ldap conditions, Cacti authentication can be bypassed with certain credential types." 
} ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-287", "description": "CWE-287", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-31T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://github.com/Cacti/cacti/issues/4562" }, { "name": "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" }, { "name": "FEDORA-2022-6a7e259e15", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZJERS4NYIGJUXEGT6ATUQA4CBYBRDLRA/" }, { "name": "FEDORA-2022-e619e3d5d0", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RVOALVZSCBFNOAAZVHTJFSFB7UDSNYQ2/" }, { "name": "FEDORA-2022-70f5c7ff72", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZH67CCORDEYFG7NL7G6UH47PAV2PU7BA/" }, { "name": "DSA-5298", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5298" }, { "name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3252-1] cacti security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-0730", "datePublished": "2022-03-03T00:00:00", "dateReserved": "2022-02-22T00:00:00", "dateUpdated": "2024-08-02T23:40:03.539Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39514
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:10:21.371Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-6hrc-2cfc-8hm7", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-6hrc-2cfc-8hm7" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5550" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "lessThan": "1.2.25", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-39514", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T19:21:26.815269Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T19:41:45.210Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.25" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management 
framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_\u0027s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim\u0027s browser at view-time. The script under `graphs.php` displays graph details such as data-source paths, data template information and graph related fields. _CENSUS_ found that an adversary that is able to configure either a data-source template with malicious code appended in the data-source name or a device with a malicious payload injected in the device name, may deploy a stored XSS attack against any user with _General Administration\u003eGraphs_ privileges. A user that possesses the _Template Editor\u003eData Templates_ permissions can configure the data-source name in _cacti_. Please note that this may be a _low privileged_ user. This configuration occurs through `http://\u003cHOST\u003e/cacti/data_templates.php` by editing an existing or adding a new data template. If a template is linked to a graph then the formatted template name will be rendered in the graph\u0027s management page. A user that possesses the _General Administration\u003eSites/Devices/Data_ permissions can configure the device name in _cacti_. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. 
Users unable to upgrade should add manual HTML escaping.\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-05T20:02:02.125Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-6hrc-2cfc-8hm7", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-6hrc-2cfc-8hm7" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "url": "https://www.debian.org/security/2023/dsa-5550" } ], "source": { "advisory": "GHSA-6hrc-2cfc-8hm7", "discovery": "UNKNOWN" }, "title": "Stored Cross-site Scripting on graphs.php data template formated name view in Cacti" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-39514", "datePublished": "2023-09-05T20:02:02.125Z", "dateReserved": "2023-08-03T16:27:36.261Z", "dateUpdated": "2024-09-26T19:41:45.210Z", "state": "PUBLISHED" }, "dataType": 
"CVE_RECORD", "dataVersion": "5.1" }
cve-2014-2327
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
http://jvn.jp/en/jp/JVN55076671/index.html | third-party-advisory, x_refsource_JVN | |
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768 | x_refsource_CONFIRM | |
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-002239.html | third-party-advisory, x_refsource_JVNDB | |
http://www.securityfocus.com/archive/1/531588 | mailing-list, x_refsource_BUGTRAQ | |
http://secunia.com/advisories/59203 | third-party-advisory, x_refsource_SECUNIA | |
http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/bid/66392 | vdb-entry, x_refsource_BID | |
http://www.debian.org/security/2014/dsa-2970 | vendor-advisory, x_refsource_DEBIAN | |
https://security.gentoo.org/glsa/201509-03 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T10:14:25.026Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "JVN#55076671", "tags": [ "third-party-advisory", "x_refsource_JVN", "x_transferred" ], "url": "http://jvn.jp/en/jp/JVN55076671/index.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "name": "JVNDB-2014-002239", "tags": [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred" ], "url": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-002239.html" }, { "name": "20140324 Deutsche Telekom CERT Advisory [DTC-A-20140324-001] vulnerabilities in cacti", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/531588" }, { "name": "59203", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59203" }, { "name": "openSUSE-SU-2015:0479", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "name": "66392", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/66392" }, { "name": "DSA-2970", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-2970" }, { "name": "GLSA-201509-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201509-03" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-03-24T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to hijack the authentication 
of users for unspecified commands, as demonstrated by requests that (1) modify binary files, (2) modify configurations, or (3) add arbitrary users." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-23T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "JVN#55076671", "tags": [ "third-party-advisory", "x_refsource_JVN" ], "url": "http://jvn.jp/en/jp/JVN55076671/index.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "name": "JVNDB-2014-002239", "tags": [ "third-party-advisory", "x_refsource_JVNDB" ], "url": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-002239.html" }, { "name": "20140324 Deutsche Telekom CERT Advisory [DTC-A-20140324-001] vulnerabilities in cacti", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/531588" }, { "name": "59203", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59203" }, { "name": "openSUSE-SU-2015:0479", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "name": "66392", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/66392" }, { "name": "DSA-2970", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-2970" }, { "name": "GLSA-201509-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201509-03" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-2327", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, 
"data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-site request forgery (CSRF) vulnerability in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to hijack the authentication of users for unspecified commands, as demonstrated by requests that (1) modify binary files, (2) modify configurations, or (3) add arbitrary users." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "JVN#55076671", "refsource": "JVN", "url": "http://jvn.jp/en/jp/JVN55076671/index.html" }, { "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768", "refsource": "CONFIRM", "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "name": "JVNDB-2014-002239", "refsource": "JVNDB", "url": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-002239.html" }, { "name": "20140324 Deutsche Telekom CERT Advisory [DTC-A-20140324-001] vulnerabilities in cacti", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/531588" }, { "name": "59203", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59203" }, { "name": "openSUSE-SU-2015:0479", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "name": "66392", "refsource": "BID", "url": "http://www.securityfocus.com/bid/66392" }, { "name": "DSA-2970", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-2970" }, { "name": "GLSA-201509-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201509-03" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-2327", "datePublished": "2014-04-23T14:00:00", "dateReserved": "2014-03-12T00:00:00", "dateUpdated": "2024-08-06T10:14:25.026Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-12978
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
https://github.com/Cacti/cacti/commit/9c610a7a4e29595dcaf7d7082134e4b89619ea24 | x_refsource_CONFIRM | |
http://www.securitytracker.com/id/1039226 | vdb-entry, x_refsource_SECTRACK | |
https://github.com/Cacti/cacti/issues/918 | x_refsource_CONFIRM | |
https://github.com/Cacti/cacti/blob/develop/docs/CHANGELOG | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T18:51:07.386Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/commit/9c610a7a4e29595dcaf7d7082134e4b89619ea24" }, { "name": "1039226", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1039226" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/918" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/blob/develop/docs/CHANGELOG" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-08-21T00:00:00", "descriptions": [ { "lang": "en", "value": "lib/html.php in Cacti before 1.1.18 has XSS via the title field of an external link added by an authenticated user." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-26T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/commit/9c610a7a4e29595dcaf7d7082134e4b89619ea24" }, { "name": "1039226", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1039226" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/issues/918" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/blob/develop/docs/CHANGELOG" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-12978", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "lib/html.php in Cacti before 1.1.18 has XSS via the title field of an external link added by an authenticated user." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Cacti/cacti/commit/9c610a7a4e29595dcaf7d7082134e4b89619ea24", "refsource": "CONFIRM", "url": "https://github.com/Cacti/cacti/commit/9c610a7a4e29595dcaf7d7082134e4b89619ea24" }, { "name": "1039226", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039226" }, { "name": "https://github.com/Cacti/cacti/issues/918", "refsource": "CONFIRM", "url": "https://github.com/Cacti/cacti/issues/918" }, { "name": "https://github.com/Cacti/cacti/blob/develop/docs/CHANGELOG", "refsource": "CONFIRM", "url": "https://github.com/Cacti/cacti/blob/develop/docs/CHANGELOG" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-12978", "datePublished": "2017-08-21T07:00:00", "dateReserved": "2017-08-21T00:00:00", "dateUpdated": "2024-08-05T18:51:07.386Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-46490
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T20:45:42.063Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-f4r3-53jr-654c" }, { "tags": [ "x_transferred" ], "url": "https://gist.github.com/ISHGARD-2/a95632111138fcd7ccf7432ccb145b53" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-46490", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T14:48:55.562584Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-12T20:22:54.143Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker to obtain sensitive information via the form_actions() function in the managers.php function." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-27T21:06:36.933565", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-f4r3-53jr-654c" }, { "url": "https://gist.github.com/ISHGARD-2/a95632111138fcd7ccf7432ccb145b53" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-46490", "datePublished": "2023-10-27T00:00:00", "dateReserved": "2023-10-23T00:00:00", "dateUpdated": "2024-09-12T20:22:54.143Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2010-1431
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T01:21:19.034Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20100421 Bonsai Information Security - SQL Injection in Cacti \u003c= 0.8.7e", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2010/Apr/272" }, { "name": "ADV-2010-0986", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/0986" }, { "name": "DSA-2039", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2039" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.cacti.net/downloads/patches/0.8.7e/sql_injection_template_export.patch" }, { "name": "ADV-2010-1107", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/1107" }, { "name": "SUSE-SR:2010:011", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html" }, { "name": "41041", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/41041" }, { "name": "39568", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/39568" }, { "name": "RHSA-2010:0635", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" }, { "name": "MDVSA-2010:092", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:092" }, { "name": "ADV-2010-2132", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "name": "39653", "tags": [ 
"vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/39653" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=578909" }, { "name": "39572", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/39572" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.exploit-db.com/sploits/Bonsai-SQL_Injection_in_Cacti.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-04-21T00:00:00", "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in templates_export.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the export_item_id parameter." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2010-04-30T09:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "20100421 Bonsai Information Security - SQL Injection in Cacti \u003c= 0.8.7e", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2010/Apr/272" }, { "name": "ADV-2010-0986", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/0986" }, { "name": "DSA-2039", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2039" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.cacti.net/downloads/patches/0.8.7e/sql_injection_template_export.patch" }, { "name": "ADV-2010-1107", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/1107" }, { "name": "SUSE-SR:2010:011", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": 
"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html" }, { "name": "41041", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/41041" }, { "name": "39568", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/39568" }, { "name": "RHSA-2010:0635", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" }, { "name": "MDVSA-2010:092", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:092" }, { "name": "ADV-2010-2132", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "name": "39653", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/39653" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=578909" }, { "name": "39572", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/39572" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.exploit-db.com/sploits/Bonsai-SQL_Injection_in_Cacti.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-1431", "datePublished": "2010-05-04T15:00:00", "dateReserved": "2010-04-15T00:00:00", "dateUpdated": "2024-08-07T01:21:19.034Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2008-0786
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T08:01:38.905Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FEDORA-2008-1737", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html" }, { "name": "29242", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29242" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432758" }, { "name": "3657", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/3657" }, { "name": "SUSE-SR:2008:005", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "name": "GLSA-200803-18", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200803-18.xml" }, { "name": "28872", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28872" }, { "name": "MDVSA-2008:052", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:052" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.cacti.net/release_notes_0_8_7b.php" }, { "name": "29274", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29274" }, { "name": "20080212 cacti -- Multiple security vulnerabilities have been discovered", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/488013/100/0/threaded" }, { "name": "ADV-2008-0540", "tags": [ "vdb-entry", 
"x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0540" }, { "name": "27749", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/27749" }, { "name": "28976", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28976" }, { "name": "FEDORA-2008-1699", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html" }, { "name": "1019414", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1019414" }, { "name": "20080212 Cacti 0.8.7a Multiple Vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/488018/100/0/threaded" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2008-02-12T00:00:00", "descriptions": [ { "lang": "en", "value": "CRLF injection vulnerability in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k, when running on older PHP interpreters, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FEDORA-2008-1737", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html" }, { "name": "29242", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29242" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432758" }, { "name": "3657", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/3657" }, { "name": "SUSE-SR:2008:005", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "name": "GLSA-200803-18", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200803-18.xml" }, { "name": "28872", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28872" }, { "name": "MDVSA-2008:052", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:052" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.cacti.net/release_notes_0_8_7b.php" }, { "name": "29274", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29274" }, { "name": "20080212 cacti -- Multiple security vulnerabilities have been discovered", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/488013/100/0/threaded" }, { "name": "ADV-2008-0540", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0540" }, { "name": "27749", "tags": [ "vdb-entry", 
"x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/27749" }, { "name": "28976", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28976" }, { "name": "FEDORA-2008-1699", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html" }, { "name": "1019414", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1019414" }, { "name": "20080212 Cacti 0.8.7a Multiple Vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/488018/100/0/threaded" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-0786", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "CRLF injection vulnerability in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k, when running on older PHP interpreters, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FEDORA-2008-1737", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html" }, { "name": "29242", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29242" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=432758", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432758" }, { "name": "3657", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3657" }, { "name": "SUSE-SR:2008:005", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "name": "GLSA-200803-18", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200803-18.xml" }, { "name": "28872", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28872" }, { "name": "MDVSA-2008:052", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:052" }, { "name": "http://www.cacti.net/release_notes_0_8_7b.php", "refsource": "CONFIRM", "url": "http://www.cacti.net/release_notes_0_8_7b.php" }, { "name": "29274", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29274" }, { "name": "20080212 cacti -- Multiple security vulnerabilities have been discovered", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/488013/100/0/threaded" }, { "name": "ADV-2008-0540", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0540" }, { "name": "27749", "refsource": "BID", "url": "http://www.securityfocus.com/bid/27749" }, { "name": "28976", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28976" }, { "name": "FEDORA-2008-1699", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html" }, { "name": "1019414", "refsource": 
"SECTRACK", "url": "http://www.securitytracker.com/id?1019414" }, { "name": "20080212 Cacti 0.8.7a Multiple Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/488018/100/0/threaded" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-0786", "datePublished": "2008-02-14T22:00:00", "dateReserved": "2008-02-14T00:00:00", "dateUpdated": "2024-08-07T08:01:38.905Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-50250
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T22:16:46.196Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-xwqc-7jc4-xm73", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-xwqc-7jc4-xm73" }, { "name": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/templates_import.php", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/templates_import.php" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c= 1.2.25" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. A reflection cross-site scripting vulnerability was discovered in version 1.2.25. Attackers can exploit this vulnerability to perform actions on behalf of other users. The vulnerability is found in `templates_import.php.` When uploading an xml template file, if the XML file does not pass the check, the server will give a JavaScript pop-up prompt, which contains unfiltered xml template file name, resulting in XSS. An attacker exploiting this vulnerability could execute actions on behalf of other users. This ability to impersonate users could lead to unauthorized changes to settings. 
As of time of publication, no patched versions are available.\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-22T16:39:47.736Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-xwqc-7jc4-xm73", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-xwqc-7jc4-xm73" }, { "name": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/templates_import.php", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/templates_import.php" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "source": { "advisory": "GHSA-xwqc-7jc4-xm73", "discovery": "UNKNOWN" }, "title": "Cross-Site Scripting vulnerability when Import xml template file" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-50250", "datePublished": "2023-12-22T16:39:47.736Z", "dateReserved": "2023-12-05T20:42:59.377Z", "dateUpdated": "2024-08-02T22:16:46.196Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-20726
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d | x_refsource_MISC | |
https://github.com/Cacti/cacti/blob/develop/CHANGELOG | x_refsource_MISC | |
https://github.com/Cacti/cacti/issues/2213 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T12:12:28.314Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/2213" }, { "name": "openSUSE-SU-2020:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "openSUSE-SU-2020:0558", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2019-01-16T00:00:00", "descriptions": [ { "lang": "en", "value": "A cross-site scripting (XSS) vulnerability exists in host.php (via tree.php) in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname field for Devices." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-30T20:06:07", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/issues/2213" }, { "name": "openSUSE-SU-2020:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "openSUSE-SU-2020:0558", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20726", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A cross-site scripting (XSS) vulnerability exists in host.php (via tree.php) in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname field for Devices." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d" }, { "name": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "name": "https://github.com/Cacti/cacti/issues/2213", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/issues/2213" }, { "name": "openSUSE-SU-2020:0272", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "openSUSE-SU-2020:0558", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-20726", "datePublished": "2019-01-16T16:00:00", "dateReserved": "2019-01-16T00:00:00", "dateUpdated": "2024-08-05T12:12:28.314Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2008-0783
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T07:54:23.350Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FEDORA-2008-1737", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html" }, { "name": "cacti-datainput-xss(50575)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50575" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.cacti.net/view.php?id=1245" }, { "name": "29242", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29242" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432758" }, { "name": "3657", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/3657" }, { "name": "SUSE-SR:2008:005", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "name": "GLSA-200803-18", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200803-18.xml" }, { "name": "28872", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28872" }, { "name": "MDVSA-2008:052", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:052" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.cacti.net/release_notes_0_8_7b.php" }, { "name": "30045", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30045" }, { "name": 
"29274", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29274" }, { "name": "20080212 cacti -- Multiple security vulnerabilities have been discovered", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/488013/100/0/threaded" }, { "name": "ADV-2008-0540", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0540" }, { "name": "27749", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/27749" }, { "name": "DSA-1569", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2008/dsa-1569" }, { "name": "28976", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28976" }, { "name": "FEDORA-2008-1699", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html" }, { "name": "1019414", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1019414" }, { "name": "20080212 Cacti 0.8.7a Multiple Vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/488018/100/0/threaded" }, { "name": "34991", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/34991" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2008-02-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote attackers to inject arbitrary 
web script or HTML via (1) the view_type parameter to graph.php; (2) the filter parameter to graph_view.php; (3) the action parameter to the draw_navigation_text function in lib/functions.php, reachable through index.php (aka the login page) or data_input.php; or (4) the login_username parameter to index.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FEDORA-2008-1737", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html" }, { "name": "cacti-datainput-xss(50575)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50575" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.cacti.net/view.php?id=1245" }, { "name": "29242", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29242" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432758" }, { "name": "3657", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/3657" }, { "name": "SUSE-SR:2008:005", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "name": "GLSA-200803-18", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200803-18.xml" }, { "name": "28872", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28872" }, { "name": "MDVSA-2008:052", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:052" }, { "tags": [ "x_refsource_CONFIRM" ], "url": 
"http://www.cacti.net/release_notes_0_8_7b.php" }, { "name": "30045", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30045" }, { "name": "29274", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29274" }, { "name": "20080212 cacti -- Multiple security vulnerabilities have been discovered", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/488013/100/0/threaded" }, { "name": "ADV-2008-0540", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0540" }, { "name": "27749", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/27749" }, { "name": "DSA-1569", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2008/dsa-1569" }, { "name": "28976", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28976" }, { "name": "FEDORA-2008-1699", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html" }, { "name": "1019414", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1019414" }, { "name": "20080212 Cacti 0.8.7a Multiple Vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/488018/100/0/threaded" }, { "name": "34991", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/34991" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-0783", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": 
"4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote attackers to inject arbitrary web script or HTML via (1) the view_type parameter to graph.php; (2) the filter parameter to graph_view.php; (3) the action parameter to the draw_navigation_text function in lib/functions.php, reachable through index.php (aka the login page) or data_input.php; or (4) the login_username parameter to index.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FEDORA-2008-1737", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html" }, { "name": "cacti-datainput-xss(50575)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50575" }, { "name": "http://bugs.cacti.net/view.php?id=1245", "refsource": "CONFIRM", "url": "http://bugs.cacti.net/view.php?id=1245" }, { "name": "29242", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29242" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=432758", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432758" }, { "name": "3657", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3657" }, { "name": "SUSE-SR:2008:005", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "name": "GLSA-200803-18", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200803-18.xml" }, { "name": "28872", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28872" }, { "name": "MDVSA-2008:052", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:052" }, { "name": "http://www.cacti.net/release_notes_0_8_7b.php", "refsource": "CONFIRM", "url": 
"http://www.cacti.net/release_notes_0_8_7b.php" }, { "name": "30045", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30045" }, { "name": "29274", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29274" }, { "name": "20080212 cacti -- Multiple security vulnerabilities have been discovered", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/488013/100/0/threaded" }, { "name": "ADV-2008-0540", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0540" }, { "name": "27749", "refsource": "BID", "url": "http://www.securityfocus.com/bid/27749" }, { "name": "DSA-1569", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1569" }, { "name": "28976", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28976" }, { "name": "FEDORA-2008-1699", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html" }, { "name": "1019414", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1019414" }, { "name": "20080212 Cacti 0.8.7a Multiple Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/488018/100/0/threaded" }, { "name": "34991", "refsource": "BID", "url": "http://www.securityfocus.com/bid/34991" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-0783", "datePublished": "2008-02-14T22:00:00", "dateReserved": "2008-02-14T00:00:00", "dateUpdated": "2024-08-07T07:54:23.350Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-16785
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/Cacti/cacti/issues/1071 | x_refsource_MISC | |
http://www.securitytracker.com/id/1039774 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T20:35:21.221Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/1071" }, { "name": "1039774", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1039774" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-11-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-11-14T10:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/issues/1071" }, { "name": "1039774", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1039774" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-16785", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Cacti/cacti/issues/1071", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/issues/1071" }, { "name": "1039774", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039774" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-16785", "datePublished": "2017-11-10T23:00:00", "dateReserved": "2017-11-10T00:00:00", "dateUpdated": "2024-08-05T20:35:21.221Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-31458
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "lessThan": "1.2.27", "status": "affected", "version": "-", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-31458", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-13T17:19:29.133180Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:37:26.944Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:52:57.036Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-jrxg-8wh8-943x", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-jrxg-8wh8-943x" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.27" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `form_save()` function in `graph_template_inputs.php` is not thoroughly checked and is used to concatenate the SQL statement in `draw_nontemplated_fields_graph_item()` function from `lib/html_form_templates.php`, finally resulting in SQL injection. Version 1.2.27 contains a patch for the issue." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-13T15:07:08.051Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-jrxg-8wh8-943x", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-jrxg-8wh8-943x" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "source": { "advisory": "GHSA-jrxg-8wh8-943x", "discovery": "UNKNOWN" }, "title": "Cacti SQL Injection vulnerability in lib/html_form_templates.php by reading dirty data stored in database" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-31458", "datePublished": "2024-05-13T15:07:08.051Z", "dateReserved": "2024-04-03T17:55:32.647Z", "dateUpdated": "2024-08-02T01:52:57.036Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39512
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:10:21.393Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-vqcc-5v63-g9q7", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-vqcc-5v63-g9q7" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5550" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "lessThan": "1.2.25", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-39512", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T19:21:14.595148Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T19:41:08.085Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.25" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management 
framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_\u0027s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim\u0027s browser at view-time. The script under `data_sources.php` displays the data source management information (e.g. data source path, polling configuration, device name related to the datasource etc.) for different data visualizations of the _cacti_ app. _CENSUS_ found that an adversary that is able to configure a malicious device name, can deploy a stored XSS attack against any user of the same (or broader) privileges. A user that possesses the _General Administration\u003eSites/Devices/Data_ permissions can configure the device names in _cacti_. This configuration occurs through `http://\u003cHOST\u003e/cacti/host.php`, while the rendered malicious payload is exhibited at `http://\u003cHOST\u003e/cacti/data_sources.php`. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-05T20:35:09.893Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-vqcc-5v63-g9q7", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-vqcc-5v63-g9q7" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "url": "https://www.debian.org/security/2023/dsa-5550" } ], "source": { "advisory": "GHSA-vqcc-5v63-g9q7", "discovery": "UNKNOWN" }, "title": "Stored Cross-site Scripting on data_sources.php device name view in Cacti" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-39512", "datePublished": "2023-09-05T20:35:09.893Z", "dateReserved": "2023-08-03T16:27:36.261Z", "dateUpdated": "2024-09-26T19:41:08.085Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-13231
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/Cacti/cacti/releases/tag/release%2F1.2.11 | x_refsource_MISC | |
https://github.com/Cacti/cacti/issues/3342 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3PCDGNELH7HEBIXRNT5J5EWQEXQAU6B/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICJMWSY77IIGZYR6FE6NAQZFBO42VECO/ | vendor-advisory, x_refsource_FEDORA |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T12:11:19.404Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/releases/tag/release%2F1.2.11" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/3342" }, { "name": "FEDORA-2020-8560db8779", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3PCDGNELH7HEBIXRNT5J5EWQEXQAU6B/" }, { "name": "FEDORA-2020-d50b988a2f", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICJMWSY77IIGZYR6FE6NAQZFBO42VECO/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In Cacti before 1.2.11, auth_profile.php?action=edit allows CSRF for an admin email change." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-06-05T04:06:14", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/releases/tag/release%2F1.2.11" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/issues/3342" }, { "name": "FEDORA-2020-8560db8779", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3PCDGNELH7HEBIXRNT5J5EWQEXQAU6B/" }, { "name": "FEDORA-2020-d50b988a2f", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICJMWSY77IIGZYR6FE6NAQZFBO42VECO/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-13231", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Cacti before 1.2.11, auth_profile.php?action=edit allows CSRF for an admin email change." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Cacti/cacti/releases/tag/release%2F1.2.11", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/releases/tag/release%2F1.2.11" }, { "name": "https://github.com/Cacti/cacti/issues/3342", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/issues/3342" }, { "name": "FEDORA-2020-8560db8779", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q3PCDGNELH7HEBIXRNT5J5EWQEXQAU6B/" }, { "name": "FEDORA-2020-d50b988a2f", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ICJMWSY77IIGZYR6FE6NAQZFBO42VECO/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-13231", "datePublished": "2020-05-20T13:54:08", "dateReserved": "2020-05-20T00:00:00", "dateUpdated": "2024-08-04T12:11:19.404Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-46169
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf | x_refsource_CONFIRM | |
https://github.com/Cacti/cacti/commit/7f0e16312dd5ce20f93744ef8b9c3b0f1ece2216 | x_refsource_MISC | |
https://github.com/Cacti/cacti/commit/a8d59e8fa5f0054aa9c6981b1cbe30ef0e2a0ec9 | x_refsource_MISC | |
https://github.com/Cacti/cacti/commit/b43f13ae7f1e6bfe4e8e56a80a7cd867cf2db52b | x_refsource_MISC |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "lessThan": "1.2.23", "status": "affected", "version": "-", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2022-46169", "options": [ { "Exploitation": "active" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-13T17:39:57.218915Z", "version": "2.0.3" }, "type": "ssvc" } }, { "other": { "content": { "dateAdded": "2023-02-16", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-46169" }, "type": "kev" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:16:07.313Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-03T14:24:03.319Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf" }, { "name": "https://github.com/Cacti/cacti/commit/7f0e16312dd5ce20f93744ef8b9c3b0f1ece2216", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/commit/7f0e16312dd5ce20f93744ef8b9c3b0f1ece2216" }, { "name": "https://github.com/Cacti/cacti/commit/a8d59e8fa5f0054aa9c6981b1cbe30ef0e2a0ec9", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/commit/a8d59e8fa5f0054aa9c6981b1cbe30ef0e2a0ec9" }, { "name": "https://github.com/Cacti/cacti/commit/b43f13ae7f1e6bfe4e8e56a80a7cd867cf2db52b", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/commit/b43f13ae7f1e6bfe4e8e56a80a7cd867cf2db52b" } ], "title": 
"CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.23" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored device. The vulnerability resides in the `remote_agent.php` file. This file can be accessed without authentication. This function retrieves the IP address of the client via `get_client_addr` and resolves this IP address to the corresponding hostname via `gethostbyaddr`. After this, it is verified that an entry within the `poller` table exists, where the hostname corresponds to the resolved hostname. If such an entry was found, the function returns `true` and the client is authorized. This authorization can be bypassed due to the implementation of the `get_client_addr` function. The function is defined in the file `lib/functions.php` and checks serval `$_SERVER` variables to determine the IP address of the client. The variables beginning with `HTTP_` can be arbitrarily set by an attacker. Since there is a default entry in the `poller` table with the hostname of the server running Cacti, an attacker can bypass the authentication e.g. by providing the header `Forwarded-For: \u003cTARGETIP\u003e`. This way the function `get_client_addr` returns the IP address of the server running Cacti. The following call to `gethostbyaddr` will resolve this IP address to the hostname of the server, which will pass the `poller` hostname check because of the default entry. After the authorization of the `remote_agent.php` file is bypassed, an attacker can trigger different actions. One of these actions is called `polldata`. 
The called function `poll_for_data` retrieves a few request parameters and loads the corresponding `poller_item` entries from the database. If the `action` of a `poller_item` equals `POLLER_ACTION_SCRIPT_PHP`, the function `proc_open` is used to execute a PHP script. The attacker-controlled parameter `$poller_id` is retrieved via the function `get_nfilter_request_var`, which allows arbitrary strings. This variable is later inserted into the string passed to `proc_open`, which leads to a command injection vulnerability. By e.g. providing the `poller_id=;id` the `id` command is executed. In order to reach the vulnerable call, the attacker must provide a `host_id` and `local_data_id`, where the `action` of the corresponding `poller_item` is set to `POLLER_ACTION_SCRIPT_PHP`. Both of these ids (`host_id` and `local_data_id`) can easily be bruteforced. The only requirement is that a `poller_item` with a `POLLER_ACTION_SCRIPT_PHP` action exists. This is very likely on a production instance because this action is added by some predefined templates like `Device - Uptime` or `Device - Polling Time`.\n\nThis command injection vulnerability allows an unauthenticated user to execute arbitrary commands if a `poller_item` with the `action` type `POLLER_ACTION_SCRIPT_PHP` (`2`) is configured. The authorization bypass should be prevented by not allowing an attacker to make `get_client_addr` (file `lib/functions.php`) return an arbitrary IP address. This could be done by not honoring the `HTTP_...` `$_SERVER` variables. If these should be kept for compatibility reasons, faking the IP address of the server running Cacti should at least be prevented. This vulnerability has been addressed in both the 1.2.x and 1.3.x release branches with `1.2.23` being the first release containing the patch." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-74", "description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-05T20:48:07.852Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf" }, { "name": "https://github.com/Cacti/cacti/commit/7f0e16312dd5ce20f93744ef8b9c3b0f1ece2216", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/commit/7f0e16312dd5ce20f93744ef8b9c3b0f1ece2216" }, { "name": "https://github.com/Cacti/cacti/commit/a8d59e8fa5f0054aa9c6981b1cbe30ef0e2a0ec9", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/commit/a8d59e8fa5f0054aa9c6981b1cbe30ef0e2a0ec9" }, { "name": "https://github.com/Cacti/cacti/commit/b43f13ae7f1e6bfe4e8e56a80a7cd867cf2db52b", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/commit/b43f13ae7f1e6bfe4e8e56a80a7cd867cf2db52b" } ], "source": { "advisory": "GHSA-6p93-p743-35gf", "discovery": "UNKNOWN" }, "title": "Unauthenticated Command Injection" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-46169", "datePublished": "2022-12-05T20:48:07.852Z", "dateReserved": "2022-11-28T17:27:19.998Z", "dateUpdated": 
"2024-08-03T14:24:03.319Z", "requesterUserId": "c184a3d9-dc98-4c48-a45b-d2d88cf0ac74", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-31445
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "lessThan": "1.2.27", "status": "affected", "version": "-", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-31445", "options": [ { "Exploitation": "PoC" }, { "Automatable": "Yes" }, { "Technical Impact": "Total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-17T04:00:40.261346Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:36:44.004Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:52:56.986Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-vjph-r677-6pcc", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-vjph-r677-6pcc" }, { "name": "https://github.com/Cacti/cacti/commit/fd93c6e47651958b77c3bbe6a01fff695f81e886", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/commit/fd93c6e47651958b77c3bbe6a01fff695f81e886" }, { "name": "https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/lib/api_automation.php#L717", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/lib/api_automation.php#L717" }, { "name": "https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/lib/api_automation.php#L856", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/lib/api_automation.php#L856" }, { "tags": [ "x_transferred" ], "url": 
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.27" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, a SQL injection vulnerability in `automation_get_new_graphs_sql` function of `api_automation.php` allows authenticated users to exploit these SQL injection vulnerabilities to perform privilege escalation and remote code execution. In `api_automation.php` line 856, the `get_request_var(\u0027filter\u0027)` is being concatenated into the SQL statement without any sanitization. In `api_automation.php` line 717, The filter of `\u0027filter\u0027` is `FILTER_DEFAULT`, which means there is no filter for it. Version 1.2.27 contains a patch for the issue." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-13T15:05:56.662Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-vjph-r677-6pcc", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-vjph-r677-6pcc" }, { "name": "https://github.com/Cacti/cacti/commit/fd93c6e47651958b77c3bbe6a01fff695f81e886", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/commit/fd93c6e47651958b77c3bbe6a01fff695f81e886" }, { "name": "https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/lib/api_automation.php#L717", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/lib/api_automation.php#L717" }, { "name": "https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/lib/api_automation.php#L856", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/lib/api_automation.php#L856" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "source": { "advisory": "GHSA-vjph-r677-6pcc", "discovery": "UNKNOWN" }, "title": "SQL Injection vulnerability in 
automation_get_new_graphs_sql" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-31445", "datePublished": "2024-05-13T15:05:56.662Z", "dateReserved": "2024-04-03T17:55:32.645Z", "dateUpdated": "2024-08-02T01:52:56.986Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-4634
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-updates/2015-07/msg00052.html | vendor-advisory, x_refsource_SUSE | |
http://www.securitytracker.com/id/1032989 | vdb-entry, x_refsource_SECTRACK | |
http://www.cacti.net/release_notes_0_8_8e.php | x_refsource_CONFIRM | |
http://www.debian.org/security/2015/dsa-3312 | vendor-advisory, x_refsource_DEBIAN | |
http://bugs.cacti.net/view.php?id=2577 | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T06:18:12.088Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2015:1285", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00052.html" }, { "name": "1032989", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1032989" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.cacti.net/release_notes_0_8_8e.php" }, { "name": "DSA-3312", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3312" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.cacti.net/view.php?id=2577" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-06-15T00:00:00", "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-21T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "openSUSE-SU-2015:1285", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00052.html" }, { "name": "1032989", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1032989" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.cacti.net/release_notes_0_8_8e.php" }, { "name": "DSA-3312", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3312" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.cacti.net/view.php?id=2577" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-4634", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2015:1285", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00052.html" }, { "name": "1032989", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032989" }, { "name": "http://www.cacti.net/release_notes_0_8_8e.php", "refsource": "CONFIRM", "url": "http://www.cacti.net/release_notes_0_8_8e.php" }, { "name": "DSA-3312", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3312" }, { "name": "http://bugs.cacti.net/view.php?id=2577", "refsource": "CONFIRM", "url": "http://bugs.cacti.net/view.php?id=2577" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-4634", "datePublished": "2015-08-11T14:00:00", "dateReserved": "2015-06-16T00:00:00", "dateUpdated": "2024-08-06T06:18:12.088Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-29894
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cacti:cacti:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cacti", "vendor": "cacti", "versions": [ { "lessThan": "1.2.27", "status": "affected", "version": "-", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-29894", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-13T17:24:33.915547Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:56:59.868Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:17:58.331Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-grj5-8fcj-34gh", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-grj5-8fcj-34gh" }, { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-xwqc-7jc4-xm73", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-xwqc-7jc4-xm73" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.27" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. Versions of Cacti prior to 1.2.27 contain a residual cross-site scripting vulnerability caused by an incomplete fix for CVE-2023-50250. 
`raise_message_javascript` from `lib/functions.php` now uses purify.js to fix CVE-2023-50250 (among others). However, it still generates the code out of unescaped PHP variables `$title` and `$header`. If those variables contain single quotes, they can be used to inject JavaScript code. An attacker exploiting this vulnerability could execute actions on behalf of other users. This ability to impersonate users could lead to unauthorized changes to settings. Version 1.2.27 fixes this issue." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-116", "description": "CWE-116: Improper Encoding or Escaping of Output", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-13T14:24:32.871Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-grj5-8fcj-34gh", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-grj5-8fcj-34gh" }, { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-xwqc-7jc4-xm73", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-xwqc-7jc4-xm73" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "source": { "advisory": "GHSA-grj5-8fcj-34gh", 
"discovery": "UNKNOWN" }, "title": "Cacti Cross-site Scripting vulnerability when using JavaScript based messaging API" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-29894", "datePublished": "2024-05-13T14:24:32.871Z", "dateReserved": "2024-03-21T15:12:08.998Z", "dateUpdated": "2024-08-02T01:17:58.331Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-17358
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T01:40:15.256Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.darkmatter.ae/xen1thlabs/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/blob/79f29cddb5eb05cbaff486cd634285ef1fed9326/lib/functions.php#L3109" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00014.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/3026" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/commit/adf221344359f5b02b8aed43dfb6b33ae5d708c8" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2019-17358" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17358.html" }, { "name": "20200120 [SECURITY] [DSA 4604-1] cacti security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2020/Jan/25" }, { "name": "DSA-4604", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2020/dsa-4604" }, { "name": "openSUSE-SU-2020:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "GLSA-202003-40", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202003-40" }, { "name": "openSUSE-SU-2020:0558", "tags": [ 
"vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti through 1.2.7 is affected by multiple instances of lib/functions.php unsafe deserialization of user-controlled data to populate arrays. An authenticated attacker could use this to influence object data values and control actions taken by Cacti or potentially cause memory corruption in the PHP module." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-30T20:06:06", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.darkmatter.ae/xen1thlabs/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/blob/79f29cddb5eb05cbaff486cd634285ef1fed9326/lib/functions.php#L3109" }, { "tags": [ "x_refsource_MISC" ], "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00014.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/issues/3026" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/commit/adf221344359f5b02b8aed43dfb6b33ae5d708c8" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2019-17358" }, { "tags": [ "x_refsource_MISC" ], "url": "https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17358.html" }, { "name": "20200120 [SECURITY] [DSA 4604-1] cacti security update", "tags": [ "mailing-list", 
"x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2020/Jan/25" }, { "name": "DSA-4604", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2020/dsa-4604" }, { "name": "openSUSE-SU-2020:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "GLSA-202003-40", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202003-40" }, { "name": "openSUSE-SU-2020:0558", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ], "x_ConverterErrors": { "cvssV3_0": { "error": "CVSSV3_0 data from v4 record is invalid", "message": "Missing mandatory metrics \"AC\"" } }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-17358", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cacti through 1.2.7 is affected by multiple instances of lib/functions.php unsafe deserialization of user-controlled data to populate arrays. An authenticated attacker could use this to influence object data values and control actions taken by Cacti or potentially cause memory corruption in the PHP module." 
} ] }, "impact": { "cvss": { "attackVector": "NETWORK", "availabilityImpact": "NONE", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/A:N/C:H/I:H/PR:L/S:U/UI:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.darkmatter.ae/xen1thlabs/", "refsource": "MISC", "url": "https://www.darkmatter.ae/xen1thlabs/" }, { "name": "https://github.com/Cacti/cacti/blob/79f29cddb5eb05cbaff486cd634285ef1fed9326/lib/functions.php#L3109", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/blob/79f29cddb5eb05cbaff486cd634285ef1fed9326/lib/functions.php#L3109" }, { "name": "https://lists.debian.org/debian-lts-announce/2019/12/msg00014.html", "refsource": "MISC", "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00014.html" }, { "name": "https://github.com/Cacti/cacti/issues/3026", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/issues/3026" }, { "name": "https://github.com/Cacti/cacti/commit/adf221344359f5b02b8aed43dfb6b33ae5d708c8", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/commit/adf221344359f5b02b8aed43dfb6b33ae5d708c8" }, { "name": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2019-17358", "refsource": "MISC", "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2019-17358" }, { "name": "https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17358.html", "refsource": "MISC", "url": "https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17358.html" }, { "name": "20200120 [SECURITY] [DSA 4604-1] cacti security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2020/Jan/25" }, { "name": "DSA-4604", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2020/dsa-4604" }, { "name": "openSUSE-SU-2020:0272", "refsource": "SUSE", "url": 
"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "GLSA-202003-40", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202003-40" }, { "name": "openSUSE-SU-2020:0558", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-17358", "datePublished": "2019-12-12T13:53:51", "dateReserved": "2019-10-08T00:00:00", "dateUpdated": "2024-08-05T01:40:15.256Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2014-5026
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.debian.org/security/2014/dsa-3007 | vendor-advisory, x_refsource_DEBIAN | |
http://bugs.cacti.net/view.php?id=2456 | x_refsource_CONFIRM | |
http://www.openwall.com/lists/oss-security/2014/07/22/9 | mailing-list, x_refsource_MLIST | |
http://www.securityfocus.com/bid/68759 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html | vendor-advisory, x_refsource_SUSE | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/94816 | vdb-entry, x_refsource_XF | |
http://seclists.org/oss-sec/2014/q3/244 | mailing-list, x_refsource_MLIST | |
https://security.gentoo.org/glsa/201509-03 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:34:37.292Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-3007", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-3007" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.cacti.net/view.php?id=2456" }, { "name": "[oss-security] 20140722 Re: CVE request: cacti XSS", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2014/07/22/9" }, { "name": "68759", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/68759" }, { "name": "openSUSE-SU-2015:0479", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "name": "cacti-cve20145026-xss(94816)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94816" }, { "name": "[oss-security] 20140724 Re: Duplicated CVE - Cacti XSS", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://seclists.org/oss-sec/2014/q3/244" }, { "name": "GLSA-201509-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201509-03" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-07-11T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a (1) Graph Tree Title in a delete or (2) edit action; (3) CDEF Name, (4) Data Input Method Name, or (5) Host Templates Name in a 
delete action; (6) Data Source Title; (7) Graph Title; or (8) Graph Template Name in a delete or (9) duplicate action." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-3007", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-3007" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.cacti.net/view.php?id=2456" }, { "name": "[oss-security] 20140722 Re: CVE request: cacti XSS", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2014/07/22/9" }, { "name": "68759", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/68759" }, { "name": "openSUSE-SU-2015:0479", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "name": "cacti-cve20145026-xss(94816)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94816" }, { "name": "[oss-security] 20140724 Re: Duplicated CVE - Cacti XSS", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://seclists.org/oss-sec/2014/q3/244" }, { "name": "GLSA-201509-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201509-03" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-5026", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple cross-site scripting (XSS) 
vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a (1) Graph Tree Title in a delete or (2) edit action; (3) CDEF Name, (4) Data Input Method Name, or (5) Host Templates Name in a delete action; (6) Data Source Title; (7) Graph Title; or (8) Graph Template Name in a delete or (9) duplicate action." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-3007", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-3007" }, { "name": "http://bugs.cacti.net/view.php?id=2456", "refsource": "CONFIRM", "url": "http://bugs.cacti.net/view.php?id=2456" }, { "name": "[oss-security] 20140722 Re: CVE request: cacti XSS", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2014/07/22/9" }, { "name": "68759", "refsource": "BID", "url": "http://www.securityfocus.com/bid/68759" }, { "name": "openSUSE-SU-2015:0479", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "name": "cacti-cve20145026-xss(94816)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94816" }, { "name": "[oss-security] 20140724 Re: Duplicated CVE - Cacti XSS", "refsource": "MLIST", "url": "http://seclists.org/oss-sec/2014/q3/244" }, { "name": "GLSA-201509-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201509-03" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-5026", "datePublished": "2014-10-20T17:00:00", "dateReserved": "2014-07-22T00:00:00", "dateUpdated": "2024-08-06T11:34:37.292Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2010-2544
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://svn.cacti.net/viewvc/cacti/branches/0.8.7/utilities.php?r1=6025&r2=6024&pathrev=6025 | x_refsource_CONFIRM | |
http://www.mandriva.com/security/advisories?name=MDVSA-2010:160 | vendor-advisory, x_refsource_MANDRIVA | |
http://www.securityfocus.com/bid/42575 | vdb-entry, x_refsource_BID | |
http://secunia.com/advisories/41041 | third-party-advisory, x_refsource_SECUNIA | |
http://marc.info/?l=oss-security&m=127978954522586&w=2 | mailing-list, x_refsource_MLIST | |
https://rhn.redhat.com/errata/RHSA-2010-0635.html | vendor-advisory, x_refsource_REDHAT | |
http://cacti.net/release_notes_0_8_7g.php | x_refsource_CONFIRM | |
http://marc.info/?l=oss-security&m=128017203704299&w=2 | mailing-list, x_refsource_MLIST | |
https://bugzilla.redhat.com/show_bug.cgi?id=459105 | x_refsource_CONFIRM | |
http://www.vupen.com/english/advisories/2010/2132 | vdb-entry, x_refsource_VUPEN | |
http://svn.cacti.net/viewvc?view=rev&revision=6025 | x_refsource_CONFIRM | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/61226 | vdb-entry, x_refsource_XF |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T02:39:37.367Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.cacti.net/viewvc/cacti/branches/0.8.7/utilities.php?r1=6025\u0026r2=6024\u0026pathrev=6025" }, { "name": "MDVSA-2010:160", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160" }, { "name": "42575", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/42575" }, { "name": "41041", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/41041" }, { "name": "[oss-security] 20100722 Cacti XSS fixes in 0.8.7g", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=oss-security\u0026m=127978954522586\u0026w=2" }, { "name": "RHSA-2010:0635", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://cacti.net/release_notes_0_8_7g.php" }, { "name": "[oss-security] 20100726 Re: Cacti XSS fixes in 0.8.7g", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=oss-security\u0026m=128017203704299\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=459105" }, { "name": "ADV-2010-2132", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6025" }, { "name": "cacti-utilities-xss(61226)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": 
"https://exchange.xforce.ibmcloud.com/vulnerabilities/61226" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in utilities.php in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote attackers to inject arbitrary web script or HTML via the filter parameter." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-16T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc/cacti/branches/0.8.7/utilities.php?r1=6025\u0026r2=6024\u0026pathrev=6025" }, { "name": "MDVSA-2010:160", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160" }, { "name": "42575", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/42575" }, { "name": "41041", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/41041" }, { "name": "[oss-security] 20100722 Cacti XSS fixes in 0.8.7g", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=oss-security\u0026m=127978954522586\u0026w=2" }, { "name": "RHSA-2010:0635", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://cacti.net/release_notes_0_8_7g.php" }, { "name": "[oss-security] 20100726 Re: Cacti XSS fixes in 0.8.7g", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=oss-security\u0026m=128017203704299\u0026w=2" }, { "tags": [ 
"x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=459105" }, { "name": "ADV-2010-2132", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6025" }, { "name": "cacti-utilities-xss(61226)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61226" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-2544", "datePublished": "2010-08-23T20:00:00", "dateReserved": "2010-06-30T00:00:00", "dateUpdated": "2024-08-07T02:39:37.367Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39362
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-19T07:48:06.636Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-g6ff-58cj-x3cp", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-g6ff-58cj-x3cp" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/175029/Cacti-1.2.24-Command-Injection.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5550" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "url": "https://www.vicarius.io/vsociety/posts/command-injection-in-cacti-cve-2023-39362" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cacti", "vendor": "Cacti", "versions": [ { "status": "affected", "version": "\u003c 1.2.25" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, under certain conditions, an authenticated privileged user, can use a malicious string in the SNMP options of a Device, performing command injection and obtaining remote code execution on the underlying server. 
The `lib/snmp.php` file has a set of functions, with similar behavior, that accept in input some variables and place them into an `exec` call without a proper escape or validation. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-78", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-05T21:16:30.127Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Cacti/cacti/security/advisories/GHSA-g6ff-58cj-x3cp", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-g6ff-58cj-x3cp" }, { "url": "http://packetstormsecurity.com/files/175029/Cacti-1.2.24-Command-Injection.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "url": "https://www.debian.org/security/2023/dsa-5550" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" } ], "source": { "advisory": "GHSA-g6ff-58cj-x3cp", 
"discovery": "UNKNOWN" }, "title": "Authenticated command injection in SNMP options of a Device" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-39362", "datePublished": "2023-09-05T21:16:30.127Z", "dateReserved": "2023-07-28T13:26:46.480Z", "dateUpdated": "2024-08-19T07:48:06.636Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-17357
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
https://www.darkmatter.ae/xen1thlabs/ | x_refsource_MISC | |
https://github.com/Cacti/cacti/issues/3025 | x_refsource_CONFIRM | |
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947374 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/202003-40 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T01:40:15.202Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.darkmatter.ae/xen1thlabs/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/3025" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947374" }, { "name": "openSUSE-SU-2020:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "GLSA-202003-40", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202003-40" }, { "name": "openSUSE-SU-2020:0558", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti through 1.2.7 is affected by a graphs.php?template_id= SQL injection vulnerability affecting how template identifiers are handled when a string and id composite value are used to identify the template type and id. 
An authenticated attacker can exploit this to extract data from the database, or an unauthenticated remote attacker could exploit this via Cross-Site Request Forgery." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-30T20:06:07", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.darkmatter.ae/xen1thlabs/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/issues/3025" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947374" }, { "name": "openSUSE-SU-2020:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "GLSA-202003-40", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202003-40" }, { "name": "openSUSE-SU-2020:0558", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ], "x_ConverterErrors": { "cvssV3_0": { "error": "CVSSV3_0 data from v4 record is invalid", "message": "Missing mandatory metrics \"AC\"" } }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-17357", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": 
"MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cacti through 1.2.7 is affected by a graphs.php?template_id= SQL injection vulnerability affecting how template identifiers are handled when a string and id composite value are used to identify the template type and id. An authenticated attacker can exploit this to extract data from the database, or an unauthenticated remote attacker could exploit this via Cross-Site Request Forgery." } ] }, "impact": { "cvss": { "attackVector": "NETWORK", "availabilityImpact": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/A:H/C:H/I:H/PR:L/S:U/UI:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.darkmatter.ae/xen1thlabs/", "refsource": "MISC", "url": "https://www.darkmatter.ae/xen1thlabs/" }, { "name": "https://github.com/Cacti/cacti/issues/3025", "refsource": "CONFIRM", "url": "https://github.com/Cacti/cacti/issues/3025" }, { "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947374", "refsource": "MISC", "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947374" }, { "name": "openSUSE-SU-2020:0272", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "GLSA-202003-40", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202003-40" }, { "name": "openSUSE-SU-2020:0558", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "refsource": "SUSE", "url": 
"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-17357", "datePublished": "2020-01-21T18:35:44", "dateReserved": "2019-10-08T00:00:00", "dateUpdated": "2024-08-05T01:40:15.202Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-16661
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
https://github.com/Cacti/cacti/issues/1066 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T20:27:04.460Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/1066" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti 1.1.27 allows remote authenticated administrators to read arbitrary files by placing the Log Path into a private directory, and then making a clog.php?filename= request, as demonstrated by filename=passwd (with a Log Path under /etc) to read /etc/passwd." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-11-08T05:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/issues/1066" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-16661", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cacti 1.1.27 allows remote authenticated administrators to read arbitrary files by placing the Log Path into a private directory, and then making a clog.php?filename= request, as demonstrated by filename=passwd (with a Log Path under /etc) to read /etc/passwd." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Cacti/cacti/issues/1066", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/issues/1066" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-16661", "datePublished": "2017-11-08T05:00:00Z", "dateReserved": "2017-11-07T00:00:00Z", "dateUpdated": "2024-09-16T19:04:14.730Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2014-4000
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
https://security-tracker.debian.org/tracker/CVE-2014-4000 | x_refsource_CONFIRM | |
https://forums.cacti.net/viewtopic.php?f=4&t=56794 | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/201711-10 | vendor-advisory, x_refsource_GENTOO | |
https://www.cacti.net/release_notes_1_0_0.php | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:04:28.200Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security-tracker.debian.org/tracker/CVE-2014-4000" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://forums.cacti.net/viewtopic.php?f=4\u0026t=56794" }, { "name": "GLSA-201711-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201711-10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.cacti.net/release_notes_1_0_0.php" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-01-30T00:00:00", "descriptions": [ { "lang": "en", "value": "Cacti before 1.0.0 allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object, related to calling unserialize(stripslashes())." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-11-15T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security-tracker.debian.org/tracker/CVE-2014-4000" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://forums.cacti.net/viewtopic.php?f=4\u0026t=56794" }, { "name": "GLSA-201711-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201711-10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.cacti.net/release_notes_1_0_0.php" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-4000", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cacti before 1.0.0 allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object, related to calling unserialize(stripslashes())." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://security-tracker.debian.org/tracker/CVE-2014-4000", "refsource": "CONFIRM", "url": "https://security-tracker.debian.org/tracker/CVE-2014-4000" }, { "name": "https://forums.cacti.net/viewtopic.php?f=4\u0026t=56794", "refsource": "CONFIRM", "url": "https://forums.cacti.net/viewtopic.php?f=4\u0026t=56794" }, { "name": "GLSA-201711-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201711-10" }, { "name": "https://www.cacti.net/release_notes_1_0_0.php", "refsource": "CONFIRM", "url": "https://www.cacti.net/release_notes_1_0_0.php" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-4000", "datePublished": "2017-11-15T16:00:00", "dateReserved": "2014-06-09T00:00:00", "dateUpdated": "2024-08-06T11:04:28.200Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2013-1434
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
http://secunia.com/advisories/54181 | third-party-advisory, x_refsource_SECUNIA | |
http://www.securityfocus.com/bid/61657 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-updates/2013-08/msg00053.html | vendor-advisory, x_refsource_SUSE | |
http://www.debian.org/security/2012/dsa-2739 | vendor-advisory, x_refsource_DEBIAN | |
http://secunia.com/advisories/54386 | third-party-advisory, x_refsource_SECUNIA | |
http://svn.cacti.net/viewvc?view=rev&revision=7394 | x_refsource_CONFIRM | |
http://www.securitytracker.com/id/1028893 | vdb-entry, x_refsource_SECTRACK | |
http://forums.cacti.net/viewtopic.php?f=21&t=50593 | x_refsource_CONFIRM | |
http://www.openwall.com/lists/oss-security/2013/08/07/15 | mailing-list, x_refsource_MLIST |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T15:04:48.321Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "54181", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/54181" }, { "name": "61657", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/61657" }, { "name": "openSUSE-SU-2013:1377", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00053.html" }, { "name": "DSA-2739", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2012/dsa-2739" }, { "name": "54386", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/54386" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7394" }, { "name": "1028893", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1028893" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=50593" }, { "name": "[oss-security] 20130807 Re: CVE request: SQL injection and shell escaping issues in Cacti \u003c 0.8.8b", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2013/08/07/15" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2013-07-22T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple SQL injection vulnerabilities in (1) api_poller.php and (2) utility.php in Cacti before 0.8.8b allow remote attackers to execute arbitrary SQL commands via unspecified vectors." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-06T18:57:01", "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian" }, "references": [ { "name": "54181", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/54181" }, { "name": "61657", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/61657" }, { "name": "openSUSE-SU-2013:1377", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00053.html" }, { "name": "DSA-2739", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2012/dsa-2739" }, { "name": "54386", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/54386" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7394" }, { "name": "1028893", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1028893" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=50593" }, { "name": "[oss-security] 20130807 Re: CVE request: SQL injection and shell escaping issues in Cacti \u003c 0.8.8b", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2013/08/07/15" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@debian.org", "ID": "CVE-2013-1434", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple SQL injection vulnerabilities in (1) api_poller.php 
and (2) utility.php in Cacti before 0.8.8b allow remote attackers to execute arbitrary SQL commands via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "54181", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/54181" }, { "name": "61657", "refsource": "BID", "url": "http://www.securityfocus.com/bid/61657" }, { "name": "openSUSE-SU-2013:1377", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00053.html" }, { "name": "DSA-2739", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2012/dsa-2739" }, { "name": "54386", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/54386" }, { "name": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7394", "refsource": "CONFIRM", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7394" }, { "name": "1028893", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1028893" }, { "name": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=50593", "refsource": "CONFIRM", "url": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=50593" }, { "name": "[oss-security] 20130807 Re: CVE request: SQL injection and shell escaping issues in Cacti \u003c 0.8.8b", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2013/08/07/15" } ] } } } }, "cveMetadata": { "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "assignerShortName": "debian", "cveId": "CVE-2013-1434", "datePublished": "2013-08-23T16:00:00", "dateReserved": "2013-01-26T00:00:00", "dateUpdated": "2024-08-06T15:04:48.321Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-3172
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
https://security.gentoo.org/glsa/201607-05 | vendor-advisory, x_refsource_GENTOO | |
http://www.openwall.com/lists/oss-security/2016/03/10/13 | mailing-list, x_refsource_MLIST | |
http://www.securityfocus.com/bid/84324 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-updates/2016-05/msg00074.html | vendor-advisory, x_refsource_SUSE | |
http://bugs.cacti.net/view.php?id=2667 | x_refsource_MISC | |
http://www.openwall.com/lists/oss-security/2016/03/15/11 | mailing-list, x_refsource_MLIST |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T23:47:57.996Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201607-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-05" }, { "name": "[oss-security] 20160310 please assign CVE for cacti bug 2667: SQL Injection Vulnerability", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2016/03/10/13" }, { "name": "84324", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/84324" }, { "name": "openSUSE-SU-2016:1328", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00074.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://bugs.cacti.net/view.php?id=2667" }, { "name": "[oss-security] 20160315 Re: please assign CVE for cacti bug 2667: SQL Injection Vulnerability", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2016/03/15/11" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in tree.php in Cacti 0.8.8g and earlier allows remote authenticated users to execute arbitrary SQL commands via the parent_id parameter in an item_edit action." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-11-29T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "GLSA-201607-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-05" }, { "name": "[oss-security] 20160310 please assign CVE for cacti bug 2667: SQL Injection Vulnerability", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2016/03/10/13" }, { "name": "84324", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/84324" }, { "name": "openSUSE-SU-2016:1328", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00074.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://bugs.cacti.net/view.php?id=2667" }, { "name": "[oss-security] 20160315 Re: please assign CVE for cacti bug 2667: SQL Injection Vulnerability", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2016/03/15/11" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-3172", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SQL injection vulnerability in tree.php in Cacti 0.8.8g and earlier allows remote authenticated users to execute arbitrary SQL commands via the parent_id parameter in an item_edit action." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201607-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-05" }, { "name": "[oss-security] 20160310 please assign CVE for cacti bug 2667: SQL Injection Vulnerability", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/03/10/13" }, { "name": "84324", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84324" }, { "name": "openSUSE-SU-2016:1328", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00074.html" }, { "name": "http://bugs.cacti.net/view.php?id=2667", "refsource": "MISC", "url": "http://bugs.cacti.net/view.php?id=2667" }, { "name": "[oss-security] 20160315 Re: please assign CVE for cacti bug 2667: SQL Injection Vulnerability", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/03/15/11" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-3172", "datePublished": "2016-04-12T16:00:00", "dateReserved": "2016-03-15T00:00:00", "dateUpdated": "2024-08-05T23:47:57.996Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-11163
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
http://www.securitytracker.com/id/1038908 | vdb-entry, x_refsource_SECTRACK | |
https://github.com/Cacti/cacti/issues/847 | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T17:57:58.104Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1038908", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038908" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/847" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-07-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in Cacti 1.1.12 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the $cancel_url variable." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-16T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1038908", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038908" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Cacti/cacti/issues/847" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-11163", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in Cacti 1.1.12 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the $cancel_url variable." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1038908", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038908" }, { "name": "https://github.com/Cacti/cacti/issues/847", "refsource": "CONFIRM", "url": "https://github.com/Cacti/cacti/issues/847" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-11163", "datePublished": "2017-07-10T18:00:00", "dateReserved": "2017-07-10T00:00:00", "dateUpdated": "2024-08-05T17:57:58.104Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2014-2708
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T10:21:36.026Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FEDORA-2014-4928", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.cacti.net/view.php?id=2405" }, { "name": "cacti-cve20142708-sql-injection(92278)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92278" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "name": "66555", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/66555" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7439" }, { "name": "59203", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59203" }, { "name": "[oss-security] 20140401 CVE request: cacti \"bug#0002405: SQL injection in graph_xport.php\"", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://seclists.org/oss-sec/2014/q2/2" }, { "name": "FEDORA-2014-4892", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html" }, { "name": "[oss-security] 20140403 Re: CVE request: cacti \"bug#0002405: SQL injection in graph_xport.php\"", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://seclists.org/oss-sec/2014/q2/15" }, { "name": "57647", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/57647" }, { "name": "DSA-2970", "tags": [ 
"vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2014/dsa-2970" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1084258" }, { "name": "GLSA-201509-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201509-03" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-03-30T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple SQL injection vulnerabilities in graph_xport.php in Cacti 0.8.7g, 0.8.8b, and earlier allow remote attackers to execute arbitrary SQL commands via the (1) graph_start, (2) graph_end, (3) graph_height, (4) graph_width, (5) graph_nolegend, (6) print_source, (7) local_graph_id, or (8) rra_id parameter." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FEDORA-2014-4928", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.cacti.net/view.php?id=2405" }, { "name": "cacti-cve20142708-sql-injection(92278)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92278" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "name": "66555", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/66555" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7439" }, { "name": "59203", "tags": [ 
"third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59203" }, { "name": "[oss-security] 20140401 CVE request: cacti \"bug#0002405: SQL injection in graph_xport.php\"", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://seclists.org/oss-sec/2014/q2/2" }, { "name": "FEDORA-2014-4892", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html" }, { "name": "[oss-security] 20140403 Re: CVE request: cacti \"bug#0002405: SQL injection in graph_xport.php\"", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://seclists.org/oss-sec/2014/q2/15" }, { "name": "57647", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/57647" }, { "name": "DSA-2970", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2014/dsa-2970" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1084258" }, { "name": "GLSA-201509-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201509-03" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-2708", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple SQL injection vulnerabilities in graph_xport.php in Cacti 0.8.7g, 0.8.8b, and earlier allow remote attackers to execute arbitrary SQL commands via the (1) graph_start, (2) graph_end, (3) graph_height, (4) graph_width, (5) graph_nolegend, (6) print_source, (7) local_graph_id, or (8) rra_id parameter." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FEDORA-2014-4928", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html" }, { "name": "http://bugs.cacti.net/view.php?id=2405", "refsource": "CONFIRM", "url": "http://bugs.cacti.net/view.php?id=2405" }, { "name": "cacti-cve20142708-sql-injection(92278)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92278" }, { "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768", "refsource": "CONFIRM", "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "name": "66555", "refsource": "BID", "url": "http://www.securityfocus.com/bid/66555" }, { "name": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7439", "refsource": "CONFIRM", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7439" }, { "name": "59203", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59203" }, { "name": "[oss-security] 20140401 CVE request: cacti \"bug#0002405: SQL injection in graph_xport.php\"", "refsource": "MLIST", "url": "http://seclists.org/oss-sec/2014/q2/2" }, { "name": "FEDORA-2014-4892", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html" }, { "name": "[oss-security] 20140403 Re: CVE request: cacti \"bug#0002405: SQL injection in graph_xport.php\"", "refsource": "MLIST", "url": "http://seclists.org/oss-sec/2014/q2/15" }, { "name": "57647", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/57647" }, { "name": "DSA-2970", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-2970" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1084258", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1084258" }, { "name": "GLSA-201509-03", "refsource": "GENTOO", "url": 
"https://security.gentoo.org/glsa/201509-03" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-2708", "datePublished": "2014-04-10T14:00:00", "dateReserved": "2014-04-01T00:00:00", "dateUpdated": "2024-08-06T10:21:36.026Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-7237
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T09:25:48.614Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Cacti/cacti/issues/3201" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://ctrsec.io/index.php/2020/01/25/cve-2020-7237-remote-code-execution-in-cacti-rrdtool/" }, { "name": "FEDORA-2020-0fc6dd0fd2", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SUSOTOIEJKD2IWJHN7TY56TDZJQZJUVJ/" }, { "name": "FEDORA-2020-90f1c8229e", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XLZAMGTW2OSIBLYLXWHQBGWP7M4DTRS7/" }, { "name": "openSUSE-SU-2020:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "GLSA-202003-40", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202003-40" }, { "name": "openSUSE-SU-2020:0558", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", 
"version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Cacti 1.2.8 allows Remote Code Execution (by privileged users) via shell metacharacters in the Performance Boost Debug Log field of poller_automation.php. OS commands are executed when a new poller cycle begins. The attacker must be authenticated, and must have access to modify the Performance Settings of the product." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-30T20:06:11", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Cacti/cacti/issues/3201" }, { "tags": [ "x_refsource_MISC" ], "url": "https://ctrsec.io/index.php/2020/01/25/cve-2020-7237-remote-code-execution-in-cacti-rrdtool/" }, { "name": "FEDORA-2020-0fc6dd0fd2", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SUSOTOIEJKD2IWJHN7TY56TDZJQZJUVJ/" }, { "name": "FEDORA-2020-90f1c8229e", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XLZAMGTW2OSIBLYLXWHQBGWP7M4DTRS7/" }, { "name": "openSUSE-SU-2020:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "name": "openSUSE-SU-2020:0284", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "GLSA-202003-40", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202003-40" }, { "name": "openSUSE-SU-2020:0558", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { 
"name": "openSUSE-SU-2020:0565", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-7237", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cacti 1.2.8 allows Remote Code Execution (by privileged users) via shell metacharacters in the Performance Boost Debug Log field of poller_automation.php. OS commands are executed when a new poller cycle begins. The attacker must be authenticated, and must have access to modify the Performance Settings of the product." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Cacti/cacti/issues/3201", "refsource": "MISC", "url": "https://github.com/Cacti/cacti/issues/3201" }, { "name": "https://ctrsec.io/index.php/2020/01/25/cve-2020-7237-remote-code-execution-in-cacti-rrdtool/", "refsource": "MISC", "url": "https://ctrsec.io/index.php/2020/01/25/cve-2020-7237-remote-code-execution-in-cacti-rrdtool/" }, { "name": "FEDORA-2020-0fc6dd0fd2", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUSOTOIEJKD2IWJHN7TY56TDZJQZJUVJ/" }, { "name": "FEDORA-2020-90f1c8229e", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XLZAMGTW2OSIBLYLXWHQBGWP7M4DTRS7/" }, { "name": "openSUSE-SU-2020:0272", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { 
"name": "openSUSE-SU-2020:0284", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "name": "GLSA-202003-40", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202003-40" }, { "name": "openSUSE-SU-2020:0558", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "name": "openSUSE-SU-2020:0565", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-7237", "datePublished": "2020-01-20T04:06:41", "dateReserved": "2020-01-20T00:00:00", "dateUpdated": "2024-08-04T09:25:48.614Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Vulnerability from fkie_nvd
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8", "versionEndExcluding": "1.2.25", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in `data_debug.php`. To perform the cross-site scripting attack, the adversary needs to be an authorized cacti user with the following permissions: `General Administration\u003eSites/Devices/Data`. The victim of this attack could be any account with permissions to view `http://\u003cHOST\u003e/cacti/data_debug.php`. As of time of publication, no complete fix has been included in Cacti." }, { "lang": "es", "value": "Cacti es un framework de gesti\u00f3n de fallos y monitoreo operativo de c\u00f3digo abierto. La soluci\u00f3n aplicada para CVE-2023-39515 en la versi\u00f3n 1.2.25 est\u00e1 incompleta, ya que permite que un adversario haga que el navegador de la v\u00edctima ejecute c\u00f3digo malicioso cuando un usuario v\u00edctima pasa el mouse sobre la ruta de la fuente de datos maliciosa en `data_debug.php`. Para realizar el ataque de cross-site scripting, el adversario debe ser un usuario de Cacti autorizado con los siguientes permisos: `General Administration\u003eSites/Devices/Data`. La v\u00edctima de este ataque podr\u00eda ser cualquier cuenta con permisos para ver `http://\u003cHOST\u003e/cacti/data_debug.php`. Al momento de la publicaci\u00f3n, no se ha incluido ninguna soluci\u00f3n completa en Cacti." 
} ], "id": "CVE-2023-49088", "lastModified": "2024-11-21T08:32:47.840", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 0.9, "impactScore": 5.2, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-22T17:15:08.247", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php" }, { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h" }, { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x" }, { "source": "security-advisories@github.com", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAAF93EB-D502-4210-AD60-A01FE14F077E", "versionEndIncluding": "0.8.8b", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6e:*:*:*:*:*:*:*", "matchCriteriaId": "E239B64D-6B94-4E77-8245-5293247F09D4", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "191A8F3B-EDFA-47AA-B7B1-95B4C05AFD7A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7a:*:*:*:*:*:*:*", "matchCriteriaId": "7A8C1715-DCA1-4C83-B817-9366172CFC1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7b:*:*:*:*:*:*:*", "matchCriteriaId": "307B69DB-CFFB-49BA-A126-134EEE735FCC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7c:*:*:*:*:*:*:*", "matchCriteriaId": "6532CB60-B8FA-418D-B077-FCC4EE24C1A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7d:*:*:*:*:*:*:*", "matchCriteriaId": "2B53567F-C65B-4E1F-BBF7-4F55C845A83A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7e:*:*:*:*:*:*:*", "matchCriteriaId": "CB3DC32A-09AF-4DC9-A78E-E951847B76A8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7f:*:*:*:*:*:*:*", "matchCriteriaId": "6537BC21-D7C5-4EEB-BE7A-D1C9A27E290D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7g:*:*:*:*:*:*:*", "matchCriteriaId": "F9C0E835-9CB2-4700-8216-EC2F1BCB4CB6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7i:*:*:*:*:*:*:*", "matchCriteriaId": "6FC44FEA-FB88-4620-B200-E188C7A2BFAA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "5DABFA50-3C45-4841-945B-FBC40B9C94B7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.8a:*:*:*:*:*:*:*", "matchCriteriaId": "ACD91588-5963-4CDE-8C51-B2B4C75C1628", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": 
"en", "value": "The graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a font size, related to the rrdtool commandline in lib/rrd.php." }, { "lang": "es", "value": "La secuencia de comandos de configuraciones gr\u00e1ficas (graph_settings.php) en Cacti 0.8.8b y anteriores permite a atacantes remotos ejecutar comandos arbitrarios a trav\u00e9s de metacaracteres de shell en un tama\u00f1o de fuente, relacionado con la l\u00ednea de comando rrdtool en lib/rrd.php." } ], "id": "CVE-2014-5261", "lastModified": "2024-11-21T02:11:43.290", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2014-08-22T14:55:09.080", "references": [ { "source": "cve@mitre.org", "url": "http://seclists.org/oss-sec/2014/q3/351" }, { "source": "cve@mitre.org", "url": "http://seclists.org/oss-sec/2014/q3/386" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7454" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2014/dsa-3007" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/69213" }, { "source": "cve@mitre.org", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1127165" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95292" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201607-05" }, 
{ "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/oss-sec/2014/q3/351" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/oss-sec/2014/q3/386" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7454" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2014/dsa-3007" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/69213" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1127165" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95292" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201607-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/Cacti/cacti/issues/1882 | Exploit, Issue Tracking, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/issues/1882 | Exploit, Issue Tracking, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "921BD859-6432-492B-887B-B9A172ED2113", "versionEndIncluding": "0.8.7g", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A reflected cross-site scripting (XSS) vulnerability in Cacti 0.8.7g and earlier allows unauthenticated remote attackers to inject arbitrary web script or HTML in the \"ref\" parameter at auth_changepassword.php." } ], "id": "CVE-2022-48547", "lastModified": "2024-11-21T07:33:30.267", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-08-22T19:16:31.647", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/issues/1882" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/issues/1882" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
cacti | cacti | 0.6.7 | |
cacti | cacti | 0.8 | |
cacti | cacti | 0.8.1 | |
cacti | cacti | 0.8.2 | |
cacti | cacti | 0.8.2a | |
cacti | cacti | 0.8.3 | |
cacti | cacti | 0.8.3a | |
cacti | cacti | 0.8.4 | |
cacti | cacti | 0.8.5 | |
cacti | cacti | 0.8.5a | |
cacti | cacti | 0.8.6c | |
cacti | cacti | 0.8.6f | |
cacti | cacti | 0.8.6i | |
cacti | cacti | 0.8.7 | |
cacti | cacti | 0.8.7a |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "A034AA62-ECC3-4361-9E42-A1218F9EB2E1", "versionEndIncluding": "0.8.7e", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "B4611FB4-7B8D-4DCA-9BFC-87585E16129B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B44E0187-3577-4770-8D76-10F64F6400B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3E6282B-B403-45AD-B1EC-82257EEA1A43", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "0936E4B2-D89C-44B3-9082-77FA369BA280", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2a:*:*:*:*:*:*:*", "matchCriteriaId": "A1257552-9117-45EE-B77C-00879E1FC67B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "BA380DC2-2392-413E-AC7A-F8B854EA3108", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3a:*:*:*:*:*:*:*", "matchCriteriaId": "B530A944-0A71-4F88-AAE6-3844364FB098", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "62C554AE-AE7A-48B1-A1FF-E8E7691EA344", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "25541421-4A87-43BF-86D7-E1377CE3C859", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5a:*:*:*:*:*:*:*", "matchCriteriaId": "301E2B13-D410-4B26-9A47-F90343F47C18", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6c:*:*:*:*:*:*:*", "matchCriteriaId": "EE910AB1-7D04-4743-9963-BBA191EE4078", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6f:*:*:*:*:*:*:*", "matchCriteriaId": "DB41A3C5-D03A-4B1F-B841-A9F5021A59F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6i:*:*:*:*:*:*:*", "matchCriteriaId": 
"8D62D429-7BDE-47DE-B466-0732DAC3F70E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "191A8F3B-EDFA-47AA-B7B1-95B4C05AFD7A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7a:*:*:*:*:*:*:*", "matchCriteriaId": "7A8C1715-DCA1-4C83-B817-9366172CFC1D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the \"Data Input Method\" for the \"Linux - Get Memory Usage\" setting to contain arbitrary commands." }, { "lang": "es", "value": "Cacti v0.8.7e y anteriores permite a administradores remotos autenticados obtener privilegios modificando el \"Data Input Method\" (m\u00e9todo de entrada de datos) para la opci\u00f3n \"Linux - Get Memory Usage\" (Linux - obtener utilizaci\u00f3n de la memoria) para contener comandos de su elecci\u00f3n." } ], "id": "CVE-2009-4112", "lastModified": "2024-11-21T01:08:57.320", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-11-30T21:30:00.217", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-11/0292.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "source": "cve@mitre.org", "url": 
"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2009/11/26/1" }, { "source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2009/11/30/2" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/508129/100/0/threaded" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://www.securityfocus.com/bid/37137" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54473" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-11/0292.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2009/11/26/1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2009/11/30/2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/508129/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": 
"http://www.securityfocus.com/bid/37137" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54473" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.2.25:*:*:*:*:*:*:*", "matchCriteriaId": "EF5814EC-CFCB-4066-9260-FF78B45E2089", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). A vulnerability in versions prior to 1.2.27 bypasses an earlier fix for CVE-2023-39360, therefore leading to a DOM XSS attack. Exploitation of the vulnerability is possible for an authorized user. The vulnerable component is the `graphs_new.php`. The impact of the vulnerability is execution of arbitrary JavaScript code in the attacked user\u0027s browser. This issue has been patched in version 1.2.27.\n" }, { "lang": "es", "value": "Cacti es un framework robusto de gesti\u00f3n de fallos y rendimiento y una interfaz para RRDTool - a Time Series Database (TSDB). Omitiendo una soluci\u00f3n anterior (CVE-2023-39360) que provoca un ataque DOM XSS. La explotaci\u00f3n de la vulnerabilidad es posible para un usuario autorizado. El componente vulnerable es `graphs_new.php`. Impacto de la vulnerabilidad: ejecuci\u00f3n de c\u00f3digo JavaScript arbitrario en el navegador del usuario atacado. Este problema se solucion\u00f3 en la versi\u00f3n 1.2.26." 
} ], "id": "CVE-2023-49086", "lastModified": "2024-11-21T08:32:47.567", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-22T00:15:34.857", "references": [ { "source": "security-advisories@github.com", "url": "https://github.com/Cacti/cacti/commit/6ec01c8b2983bf4fcb86f8c647655f74090b5be9" }, { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-wc73-r2vw-59pr" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/Cacti/cacti/commit/6ec01c8b2983bf4fcb86f8c647655f74090b5be9" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-wc73-r2vw-59pr" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7e:*:*:*:*:*:*:*", "matchCriteriaId": "CB3DC32A-09AF-4DC9-A78E-E951847B76A8", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7e allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) graph.php, (2) include/top_graph_header.php, (3) lib/html_form.php, and (4) lib/timespan_settings.php, as demonstrated by the (a) graph_end or (b) graph_start parameters to graph.php; (c) the date1 parameter in a tree action to graph_view.php; and the (d) page_refresh and (e) default_dual_pane_width parameters to graph_settings.php." }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de XSS en Cacti 0.8.7e permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a trav\u00e9s de vectores relacionados con (1) graph.php, (2) include/top_graph_header.php, (3) lib/html_form.php y (4) lib/timespan_settings.php, como es demostrado por los par\u00e1metros (a) graph_end o (b) graph_start a graph.php; (c) el par\u00e1metro date1 en una acci\u00f3n tree a graph_view.php; y los par\u00e1metros (d) page_refresh y (e) default_dual_pane_width a graph_settings.php." 
} ], "id": "CVE-2009-4032", "lastModified": "2024-11-21T01:08:47.053", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-11-29T13:07:34.017", "references": [ { "source": "secalert@redhat.com", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-11/0292.html" }, { "source": "secalert@redhat.com", "url": "http://bugs.gentoo.org/show_bug.cgi?id=294573" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://docs.cacti.net/#cross-site_scripting_fixes" }, { "source": "secalert@redhat.com", "url": "http://jvn.jp/en/jp/JVN09758120/index.html" }, { "source": "secalert@redhat.com", "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-003901.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37481" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37934" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/38087" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/41041" }, { "source": "secalert@redhat.com", "url": "http://www.cacti.net/download_patches.php" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.cacti.net/downloads/patches/0.8.7e/cross_site_fix.patch" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": 
"http://www.openwall.com/lists/oss-security/2009/11/25/2" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.openwall.com/lists/oss-security/2009/11/25/4" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2009/11/26/1" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2009/11/30/2" }, { "source": "secalert@redhat.com", "url": "http://www.osvdb.org/60483" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/508129/100/0/threaded" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/37109" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/3325" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54388" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01390.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00166.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-11/0292.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.gentoo.org/show_bug.cgi?id=294573" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://docs.cacti.net/#cross-site_scripting_fixes" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://jvn.jp/en/jp/JVN09758120/index.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-003901.html" }, { 
"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37481" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37934" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/38087" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/41041" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.cacti.net/download_patches.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.cacti.net/downloads/patches/0.8.7e/cross_site_fix.patch" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.openwall.com/lists/oss-security/2009/11/25/2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.openwall.com/lists/oss-security/2009/11/25/4" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2009/11/26/1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2009/11/30/2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/60483" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/508129/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/37109" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/3325" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"https://exchange.xforce.ibmcloud.com/vulnerabilities/54388" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01390.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00166.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | 0.6.7 | |
cacti | cacti | 0.8 | |
cacti | cacti | 0.8.1 | |
cacti | cacti | 0.8.2 | |
cacti | cacti | 0.8.2a | |
cacti | cacti | 0.8.3 | |
cacti | cacti | 0.8.3a | |
cacti | cacti | 0.8.4 | |
cacti | cacti | 0.8.5 | |
cacti | cacti | 0.8.5a | |
cacti | cacti | 0.8.6c | |
cacti | cacti | 0.8.6f | |
cacti | cacti | 0.8.6i | |
cacti | cacti | 0.8.6j | |
cacti | cacti | 0.8.7 | |
cacti | cacti | 0.8.7a |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:0.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "B4611FB4-7B8D-4DCA-9BFC-87585E16129B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B44E0187-3577-4770-8D76-10F64F6400B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3E6282B-B403-45AD-B1EC-82257EEA1A43", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "0936E4B2-D89C-44B3-9082-77FA369BA280", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2a:*:*:*:*:*:*:*", "matchCriteriaId": "A1257552-9117-45EE-B77C-00879E1FC67B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "BA380DC2-2392-413E-AC7A-F8B854EA3108", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3a:*:*:*:*:*:*:*", "matchCriteriaId": "B530A944-0A71-4F88-AAE6-3844364FB098", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "62C554AE-AE7A-48B1-A1FF-E8E7691EA344", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "25541421-4A87-43BF-86D7-E1377CE3C859", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5a:*:*:*:*:*:*:*", "matchCriteriaId": "301E2B13-D410-4B26-9A47-F90343F47C18", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6c:*:*:*:*:*:*:*", "matchCriteriaId": "EE910AB1-7D04-4743-9963-BBA191EE4078", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6f:*:*:*:*:*:*:*", "matchCriteriaId": "DB41A3C5-D03A-4B1F-B841-A9F5021A59F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6i:*:*:*:*:*:*:*", "matchCriteriaId": "8D62D429-7BDE-47DE-B466-0732DAC3F70E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6j:*:*:*:*:*:*:*", "matchCriteriaId": "6893355E-2F64-416D-9AED-898E6D1123F8", 
"vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "191A8F3B-EDFA-47AA-B7B1-95B4C05AFD7A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7a:*:*:*:*:*:*:*", "matchCriteriaId": "7A8C1715-DCA1-4C83-B817-9366172CFC1D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allows remote attackers to obtain the full path via an invalid local_graph_id parameter and other unspecified vectors." }, { "lang": "es", "value": "Graph.php en Cacti 0.8.7 anterior a 0.8.7b y 0.8.6 anterior a 0.8.6k, permite a atacantes remotos obtener la ruta completa a trav\u00e9s de un par\u00e1metro local_graph_id inv\u00e1lido y otros vectores no especificados." } ], "id": "CVE-2008-0784", "lastModified": "2024-11-21T00:42:54.183", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2008-02-14T23:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28872" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/28976" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/29242" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/29274" }, 
{ "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200803-18.xml" }, { "source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/3657" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.cacti.net/release_notes_0_8_7b.php" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:052" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/488013/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/488018/100/0/threaded" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/27749" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1019414" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/0540" }, { "source": "cve@mitre.org", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432758" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28872" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28976" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29242" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29274" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200803-18.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://securityreason.com/securityalert/3657" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.cacti.net/release_notes_0_8_7b.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:052" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/488013/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/488018/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/27749" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1019414" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/0540" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432758" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 22 | |
fedoraproject | fedora | 23 | |
fedoraproject | fedora | 24 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F676405-470D-43E8-A6EF-060E6E70F0FA", "versionEndIncluding": "0.8.8c", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "matchCriteriaId": "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*", "matchCriteriaId": "C729D5D1-ED95-443A-9F53-5D7C2FD9B80C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving a cdef id." }, { "lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en Cacti anterior a 0.8.8d permite a atacantes remotos ejecutar comandos SQL arbitrarios a trav\u00e9s de vectores no especificados que involucran un id cdef." 
} ], "id": "CVE-2015-4342", "lastModified": "2024-11-21T02:30:51.693", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-06-17T18:59:07.407", "references": [ { "source": "cve@mitre.org", "url": "http://bugs.cacti.net/view.php?id=2571" }, { "source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183449.html" }, { "source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183454.html" }, { "source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183919.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00052.html" }, { "source": "cve@mitre.org", "url": "http://packetstormsecurity.com/files/132224/Cacti-SQL-Injection-Header-Injection.html" }, { "source": "cve@mitre.org", "url": "http://seclists.org/fulldisclosure/2015/Jun/19" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.cacti.net/release_notes_0_8_8d.php" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2015/dsa-3295" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/75108" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1032672" }, { "source": "cve@mitre.org", "url": "https://bugzilla.suse.com/show_bug.cgi?id=934187" }, { "source": "cve@mitre.org", "url": 
"https://www.suse.com/security/cve/CVE-2015-4342.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.cacti.net/view.php?id=2571" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183449.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183454.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183919.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00052.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://packetstormsecurity.com/files/132224/Cacti-SQL-Injection-Header-Injection.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2015/Jun/19" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.cacti.net/release_notes_0_8_8d.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2015/dsa-3295" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/75108" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1032672" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.suse.com/show_bug.cgi?id=934187" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.suse.com/security/cve/CVE-2015-4342.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/Cacti/cacti/compare/6ea486a...99995bb | Release Notes, Third Party Advisory | |
cve@mitre.org | https://github.com/Cacti/cacti/issues/2581 | Exploit, Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2019/04/msg00017.html | Mailing List, Third Party Advisory | |
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/compare/6ea486a...99995bb | Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/issues/2581 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/04/msg00017.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html | Mailing List, Third Party Advisory |
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C1989C8-DBC3-4926-8AA3-245A0E8FE2DC", "versionEndExcluding": "1.2.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In clearFilter() in utilities.php in Cacti before 1.2.3, no escaping occurs before printing out the value of the SNMP community string (SNMP Options) in the View poller cache, leading to XSS." }, { "lang": "es", "value": "En clearFilter() en utilities.php en Cacti versiones anteriores a 1.2.3, no se produce ning\u00fan escape antes de imprimir el valor de la cadena de comunidad SNMP (Opciones SNMP) en la cach\u00e9 View poller, lo que conduce a XSS." 
} ], "id": "CVE-2019-11025", "lastModified": "2024-11-21T04:20:23.240", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-04-08T23:29:00.853", "references": [ { "source": "cve@mitre.org", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/compare/6ea486a...99995bb" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/2581" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00017.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/compare/6ea486a...99995bb" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/2581" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://forums.cacti.net/viewtopic.php?f=4&t=56794 | Issue Tracking, Release Notes, Vendor Advisory | |
cve@mitre.org | https://security-tracker.debian.org/tracker/CVE-2014-4000 | Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201711-10 | Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://www.cacti.net/release_notes_1_0_0.php | Issue Tracking, Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://forums.cacti.net/viewtopic.php?f=4&t=56794 | Issue Tracking, Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2014-4000 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201711-10 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.cacti.net/release_notes_1_0_0.php | Issue Tracking, Release Notes, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "2FE55913-88BA-4A5F-91D0-B7EC37EAC334", "versionEndExcluding": "1.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti before 1.0.0 allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object, related to calling unserialize(stripslashes())." }, { "lang": "es", "value": "Cacti en versiones anteriores a la 1.0.0 permite que usuarios remotos autenticados lleven a cabo ataques de inyecci\u00f3n de objetos PHP y ejecuten c\u00f3digo PHP arbitrario mediante un objeto serializado manipulado, relacionado con la llamada a unserialize(stripslashes())." } ], "id": "CVE-2014-4000", "lastModified": "2024-11-21T02:09:18.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": 
"2017-11-15T16:29:00.217", "references": [ { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Release Notes", "Vendor Advisory" ], "url": "https://forums.cacti.net/viewtopic.php?f=4\u0026t=56794" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://security-tracker.debian.org/tracker/CVE-2014-4000" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201711-10" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Release Notes", "Vendor Advisory" ], "url": "https://www.cacti.net/release_notes_1_0_0.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Release Notes", "Vendor Advisory" ], "url": "https://forums.cacti.net/viewtopic.php?f=4\u0026t=56794" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://security-tracker.debian.org/tracker/CVE-2014-4000" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201711-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Release Notes", "Vendor Advisory" ], "url": "https://www.cacti.net/release_notes_1_0_0.php" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1F7A808-A295-4FF4-9EFE-1D958D9091FA", "versionEndIncluding": "0.8.8d", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter." }, { "lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en graphs.php en Cacti en versiones anteriores a 0.8.8e, lo que permite a atacantes remotos ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro local_graph_id." } ], "id": "CVE-2015-4634", "lastModified": "2024-11-21T02:31:26.920", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-08-11T14:59:10.163", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://bugs.cacti.net/view.php?id=2577" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00052.html" }, { "source": "cve@mitre.org", "url": "http://www.cacti.net/release_notes_0_8_8e.php" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2015/dsa-3312" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1032989" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": 
"http://bugs.cacti.net/view.php?id=2577" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00052.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.cacti.net/release_notes_0_8_8e.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2015/dsa-3312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1032989" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:0.8.8b:*:*:*:*:*:*:*", "matchCriteriaId": "25C92A47-E876-481D-83DB-0B547F0C101E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the (1) drp_action parameter to cdef.php, (2) data_input.php, (3) data_queries.php, (4) data_sources.php, (5) data_templates.php, (6) graph_templates.php, (7) graphs.php, (8) host.php, or (9) host_templates.php or the (10) graph_template_input_id or (11) graph_template_id parameter to graph_templates_inputs.php." }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de XSS en Cacti 0.8.8b permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s del par\u00e1metro (1) drp_action en cdef.php, (2) data_input.php, (3) data_queries.php, (4) data_sources.php, (5) data_templates.php, (6) graph_templates.php, (7) graphs.php, (8) host.php o (9) host_templates.php o el par\u00e1metro (10) graph_template_input_id o (11) graph_template_id en graph_templates_inputs.php." 
} ], "id": "CVE-2014-4002", "lastModified": "2024-11-21T02:09:18.640", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2014-07-03T14:55:08.473", "references": [ { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/59203" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/59517" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7451" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7452" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2014/dsa-2970" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/68257" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201509-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/59203" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/59517" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7451" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": 
"http://svn.cacti.net/viewvc?view=rev\u0026revision=7452" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2014/dsa-2970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/68257" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201509-03" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=2001016 | Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://github.com/Cacti/cacti/pull/4261 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2001016 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/pull/4261 | Patch, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "FA4947F9-DEF2-46C2-BBA3-B865DD86E3BC", "versionEndExcluding": "1.2.18", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti before 1.2.18 allows remote attackers to trigger XSS via template import for the midwinter theme." }, { "lang": "es", "value": "Cacti versiones anteriores a 1.2.18, permite a atacantes remotos desencadenar un ataque de tipo XSS por medio de la importaci\u00f3n de plantillas para el tema midwinter" } ], "id": "CVE-2020-14424", "lastModified": "2024-11-21T05:03:14.113", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-11-14T20:15:07.477", "references": [ { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001016" }, { "source": "cve@mitre.org", 
"tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/pull/4261" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001016" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/pull/4261" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://docs.cacti.net/Settings-Auth-LDAP.md | Technical Description | |
cve@mitre.org | https://github.com/Cacti/cacti/issues/5189 | Exploit, Issue Tracking, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://docs.cacti.net/Settings-Auth-LDAP.md | Technical Description | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/issues/5189 | Exploit, Issue Tracking, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.2.19:*:*:*:*:*:*:*", "matchCriteriaId": "A4BB8CCB-5F52-4248-947C-3F4F1211EF53", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Cacti 1.2.19, there is an authentication bypass in the web login functionality because of improper validation in the PHP code: cacti_ldap_auth() allows a zero as the password." } ], "id": "CVE-2022-48538", "lastModified": "2024-11-21T07:33:29.783", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-08-22T19:16:31.230", "references": [ { "source": "cve@mitre.org", "tags": [ "Technical Description" ], "url": "https://docs.cacti.net/Settings-Auth-LDAP.md" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/issues/5189" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Technical Description" ], "url": "https://docs.cacti.net/Settings-Auth-LDAP.md" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/issues/5189" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-863" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.2.25:*:*:*:*:*:*:*", "matchCriteriaId": "EF5814EC-CFCB-4066-9260-FF78B45E2089", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. A reflection cross-site scripting vulnerability was discovered in version 1.2.25. Attackers can exploit this vulnerability to perform actions on behalf of other users. The vulnerability is found in `templates_import.php.` When uploading an xml template file, if the XML file does not pass the check, the server will give a JavaScript pop-up prompt, which contains unfiltered xml template file name, resulting in XSS. An attacker exploiting this vulnerability could execute actions on behalf of other users. This ability to impersonate users could lead to unauthorized changes to settings. As of time of publication, no patched versions are available.\n" }, { "lang": "es", "value": "Cacti es un framework de gesti\u00f3n de fallos y monitoreo operativo de c\u00f3digo abierto. Se descubri\u00f3 una vulnerabilidad de cross-site scripting reflejado en la versi\u00f3n 1.2.25. Los atacantes pueden aprovechar esta vulnerabilidad para realizar acciones en nombre de otros usuarios. La vulnerabilidad se encuentra en `templates_import.php.` Al cargar un archivo de plantilla xml, si el archivo XML no pasa la verificaci\u00f3n, el servidor mostrar\u00e1 un mensaje emergente de JavaScript, que contiene el nombre del archivo de plantilla xml sin filtrar, lo que resulta en XSS. Un atacante que aproveche esta vulnerabilidad podr\u00eda ejecutar acciones en nombre de otros usuarios. Esta capacidad de hacerse pasar por usuarios podr\u00eda dar lugar a cambios no autorizados en la configuraci\u00f3n. Al momento de la publicaci\u00f3n, no hay versiones parcheadas disponibles." 
} ], "id": "CVE-2023-50250", "lastModified": "2024-11-21T08:36:44.950", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-22T17:15:09.127", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/templates_import.php" }, { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-xwqc-7jc4-xm73" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/templates_import.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": 
"https://github.com/Cacti/cacti/security/advisories/GHSA-xwqc-7jc4-xm73" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.securityfocus.com/bid/100022 | Third Party Advisory, VDB Entry | |
cve@mitre.org | http://www.securitytracker.com/id/1038982 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://github.com/Cacti/cacti/commit/104090aeead4aa433bf1f18cd6d52dcfeb71236c | Patch | |
cve@mitre.org | https://github.com/Cacti/cacti/issues/867 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100022 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038982 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/commit/104090aeead4aa433bf1f18cd6d52dcfeb71236c | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/issues/867 | Exploit, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "EEC00868-0425-43E1-B35A-4040C20CC979", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in auth_profile.php in Cacti 1.1.13 allows remote attackers to inject arbitrary web script or HTML via specially crafted HTTP Referer headers." }, { "lang": "es", "value": "La vulnerabilidad de tipo cross-site-scripting (XSS) en el archivo auth_profile.php en Cacti versi\u00f3n 1.1.13, permite a los atacantes remotos inyectar scripts web o HTML arbitrarios por medio de encabezados Referer HTTP especialmente creados." } ], "id": "CVE-2017-11691", "lastModified": "2024-11-21T03:08:18.843", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-07-27T06:29:00.647", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party 
Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/100022" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038982" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "https://github.com/Cacti/cacti/commit/104090aeead4aa433bf1f18cd6d52dcfeb71236c" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/867" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/100022" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038982" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://github.com/Cacti/cacti/commit/104090aeead4aa433bf1f18cd6d52dcfeb71236c" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/867" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
▼ | URL | Tags | |
---|---|---|---|
security-advisories@github.com | https://github.com/Cacti/cacti/security/advisories/GHSA-wh9c-v56x-v77c | Exploit, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "EFE0430A-4E9B-452F-A7EC-029F210FDDFE", "versionEndExcluding": "1.2.28", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source performance and fault management framework. The `fileurl` parameter is not properly sanitized when saving external links in `links.php`. Moreover, the said fileurl is placed in some html code which is passed to the `print` function in `link.php` and `index.php`, finally leading to stored XSS. Users with the privilege to create external links can manipulate the `fileurl` parameter in the http post request while creating external links to perform stored XSS attacks. The vulnerability known as XSS (Cross-Site Scripting) occurs when an application allows untrusted user input to be displayed on a web page without proper validation or escaping. This issue has been addressed in release version 1.2.28. All users are advised to upgrade. There are no known workarounds for this issue." }, { "lang": "es", "value": "Cacti es un framework de trabajo de gesti\u00f3n de errores y rendimiento de c\u00f3digo abierto. El par\u00e1metro `fileurl` no se desinfecta correctamente al guardar enlaces externos en `links.php`. Adem\u00e1s, dicho fileurl se coloca en alg\u00fan c\u00f3digo html que se pasa a la funci\u00f3n `print` en `link.php` e `index.php`, lo que finalmente genera XSS almacenado. Los usuarios con el privilegio de crear enlaces externos pueden manipular el par\u00e1metro `fileurl` en la solicitud de publicaci\u00f3n http mientras crean enlaces externos para realizar ataques XSS almacenados. La vulnerabilidad conocida como XSS (Cross-Site Scripting) ocurre cuando una aplicaci\u00f3n permite que se muestre una entrada de usuario no confiable en una p\u00e1gina web sin la validaci\u00f3n o el escape adecuados. 
Este problema se ha solucionado en la versi\u00f3n de lanzamiento 1.2.28. Se recomienda a todos los usuarios que actualicen. No se conocen workarounds para este problema." } ], "id": "CVE-2024-43362", "lastModified": "2024-10-17T18:14:33.337", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 2.1, "impactScore": 5.2, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-10-07T21:15:15.470", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-wh9c-v56x-v77c" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "A2C69488-CAAE-4612-B3A3-C5789C2D772B", "versionEndIncluding": "0.8.8f", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "auth_login.php in Cacti before 0.8.8g allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database." }, { "lang": "es", "value": "auth_login.php en Cacti en versiones anteriores a 0.8.8g permite a usuarios remotos autenticados que utilizan autenticaci\u00f3n web eludir las restricciones destinadas al acceso iniciando sesi\u00f3n como un usuario que no est\u00e1 en la base de datos cacti." 
} ], "id": "CVE-2016-2313", "lastModified": "2024-11-21T02:48:12.550", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary" } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-13T17:59:11.977", "references": [ { "source": "security@opentext.com", "url": "http://bugs.cacti.net/view.php?id=2656" }, { "source": "security@opentext.com", "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00077.html" }, { "source": "security@opentext.com", "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00078.html" }, { "source": "security@opentext.com", "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00080.html" }, { "source": "security@opentext.com", "url": "http://www.cacti.net/release_notes_0_8_8g.php" }, { "source": "security@opentext.com", "url": "http://www.securitytracker.com/id/1037745" }, { "source": "security@opentext.com", "url": "https://security.gentoo.org/glsa/201607-05" }, { "source": "security@opentext.com", "url": "https://security.gentoo.org/glsa/201711-10" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.cacti.net/view.php?id=2656" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00077.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00078.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00080.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.cacti.net/release_notes_0_8_8g.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1037745" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201607-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201711-10" } ], "sourceIdentifier": "security@opentext.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 31 | |
fedoraproject | fedora | 32 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "71E927CB-B43A-486F-980C-24BB8CF50FBD", "versionEndExcluding": "1.2.11", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Cacti before 1.2.11, auth_profile.php?action=edit allows CSRF for an admin email change." }, { "lang": "es", "value": "En Cacti versiones anteriores a 1.2.11, auth_profile.php?action=edit permite un ataque de tipo CSRF para un cambio de correo electr\u00f3nico de administrador." } ], "id": "CVE-2020-13231", "lastModified": "2024-11-21T05:00:51.150", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": 
"3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-05-20T14:15:11.487", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/3342" }, { "source": "cve@mitre.org", "tags": [ "Release Notes" ], "url": "https://github.com/Cacti/cacti/releases/tag/release%2F1.2.11" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICJMWSY77IIGZYR6FE6NAQZFBO42VECO/" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3PCDGNELH7HEBIXRNT5J5EWQEXQAU6B/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/3342" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://github.com/Cacti/cacti/releases/tag/release%2F1.2.11" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICJMWSY77IIGZYR6FE6NAQZFBO42VECO/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3PCDGNELH7HEBIXRNT5J5EWQEXQAU6B/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-352" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "0BADE3A0-FB6D-42BD-9BAF-CB6BF20CE47F", "versionEndIncluding": "0.8.8g", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in tree.php in Cacti 0.8.8g and earlier allows remote authenticated users to execute arbitrary SQL commands via the parent_id parameter in an item_edit action." }, { "lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en tree.php en Cacti 0.8.8g y versiones anteriores permite a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro parent_id en una acci\u00f3n item_edit action." } ], "id": "CVE-2016-3172", "lastModified": "2024-11-21T02:49:31.913", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary" } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-12T16:59:03.407", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": 
"http://bugs.cacti.net/view.php?id=2667" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00074.html" }, { "source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2016/03/10/13" }, { "source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2016/03/15/11" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/84324" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201607-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://bugs.cacti.net/view.php?id=2667" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00074.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2016/03/10/13" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2016/03/15/11" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/84324" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201607-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | 1.2.24 | |
fedoraproject | fedora | 37 | |
fedoraproject | fedora | 38 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.2.24:*:*:*:*:*:*:*", "matchCriteriaId": "F28D6ED7-B38C-4E5F-B623-73D0FF93C720", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data. The vulnerability is found in `graphs_new.php`. Several validations are performed, but the `returnto` parameter is directly passed to `form_save_button`. In order to bypass this validation, returnto must contain `host.php`. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output." }, { "lang": "es", "value": "Cacti es un framework operacional de monitorizaci\u00f3n y gesti\u00f3n de fallos de c\u00f3digo abierto. Las versiones afectadas est\u00e1n sujetas a una vulnerabilidad de Cross-Site Scripting (XSS) almacenado que permite a un usuario autenticado envenenar datos. La vulnerabilidad se encuentra en \"graphs_new.php\". Se realizan varias validaciones, pero el par\u00e1metro \"returnto\" se pasa directamente a \"form_save_button\". Para evitar esta validaci\u00f3n, returnto debe contener \"host.php\". Esta vulnerabilidad se ha solucionado en la versi\u00f3n 1.2.25. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deber\u00e1n filtrar manualmente la salida HTML. 
" } ], "id": "CVE-2023-39360", "lastModified": "2024-11-21T08:15:14.290", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-09-05T21:15:46.800", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-gx8c-xvjh-9qh4" }, { "source": "security-advisories@github.com", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": 
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-gx8c-xvjh-9qh4" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 39 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "47529989-64EF-4CBB-AF1D-28A7C1CF36B3", "versionEndExcluding": "1.2.27", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `automation_tree_rules_form_save()` function in `automation_tree_rules.php` is not thoroughly checked and is used to concatenate the HTML statement in `form_confirm()` function from `lib/html.php`, finally resulting in cross-site scripting. Version 1.2.27 contains a patch for the issue." }, { "lang": "es", "value": "Cacti proporciona un framework de monitoreo operativo y gesti\u00f3n de fallas. Antes de la versi\u00f3n 1.2.27, algunos de los datos almacenados en la funci\u00f3n `automation_tree_rules_form_save()` en `automation_tree_rules.php` no se verifican exhaustivamente y se usan para concatenar la declaraci\u00f3n HTML en la funci\u00f3n `form_confirm()` de `lib/html.php`, lo que finalmente resulta en Cross Site Scripting. La versi\u00f3n 1.2.27 contiene un parche para el problema." 
} ], "id": "CVE-2024-31444", "lastModified": "2024-12-18T18:28:58.617", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L", "version": "3.1" }, "exploitabilityScore": 2.1, "impactScore": 2.5, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-05-14T15:25:20.827", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-p4ch-7hjw-6m87" }, { "source": "security-advisories@github.com", "tags": [ "Product" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-p4ch-7hjw-6m87" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ 
{ "lang": "en", "value": "CWE-79" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | 1.2.24 | |
fedoraproject | fedora | 37 | |
fedoraproject | fedora | 38 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.2.24:*:*:*:*:*:*:*", "matchCriteriaId": "F28D6ED7-B38C-4E5F-B623-73D0FF93C720", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. A defect in the sql_save function was discovered. When the column type is numeric, the sql_save function directly utilizes user input. Many files and functions calling the sql_save function do not perform prior validation of user input, leading to the existence of multiple SQL injection vulnerabilities in Cacti. This allows authenticated users to exploit these SQL injection vulnerabilities to perform privilege escalation and remote code execution. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability." }, { "lang": "es", "value": "Cacti es un framework de c\u00f3digo abierto de monitorizaci\u00f3n operativa y gesti\u00f3n de fallos. Se ha descubierto un defecto en la funci\u00f3n \"sql_save\". Cuando el tipo de columna es num\u00e9rico, la funci\u00f3n \"sql_save\" utiliza directamente la entrada del usuario. Muchos archivos y funciones que llaman a la funci\u00f3n \"sql_save\" no realizan una validaci\u00f3n previa de la entrada del usuario, lo que provoca la existencia de m\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en Cacti. 
Esto permite a los usuarios autenticados explotar estas vulnerabilidades de inyecci\u00f3n SQL para llevar a cabo la escalada de privilegios y la ejecuci\u00f3n remota de c\u00f3digo. Este problema se ha solucionado en la versi\u00f3n 1.2.25. Se recomienda a los usuarios que actualicen. No se conocen soluciones alternativas para esta vulnerabilidad. " } ], "id": "CVE-2023-39357", "lastModified": "2024-11-21T08:15:13.840", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-09-05T22:15:08.637", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-6jhp-mgqg-fhqg" }, { "source": "security-advisories@github.com", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "security-advisories@github.com", 
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "security-advisories@github.com", "url": "https://www.debian.org/security/2023/dsa-5550" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-6jhp-mgqg-fhqg" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.debian.org/security/2023/dsa-5550" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" }, { "lang": "en", "value": "CWE-89" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 37 | |
fedoraproject | fedora | 38 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "1546DD7A-F54C-4DFB-A3D3-21D61D9BF538", "versionEndExcluding": "1.2.25", "versionStartIncluding": "1.2.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_\u0027s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim\u0027s browser at view-time. The `data_sources.php` script displays the data source management information (e.g. data source path, polling configuration etc.) for different data visualizations of the _cacti_ app. \nCENSUS found that an adversary that is able to configure a malicious Device name, can deploy a stored XSS attack against any user of the same (or broader) privileges. A user that possesses the _General Administration\u003eSites/Devices/Data_ permissions can configure the device names in _cacti_. This configuration occurs through `http://\u003cHOST\u003e/cacti/host.php`, while the rendered malicious payload is exhibited at `http://\u003cHOST\u003e/cacti/data_sources.php`. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output." 
}, { "lang": "es", "value": "Cacti es un marco de monitorizaci\u00f3n operativa y gesti\u00f3n de fallos de c\u00f3digo abierto. Las versiones afectadas est\u00e1n sujetas a una vulnerabilidad de Cross-Site Scripting (XSS) almacenado que permite a un usuario autenticado envenenar los datos almacenados en la base de datos de cacti. Estos datos ser\u00e1n vistos por las cuentas administrativas de cacti y ejecutar\u00e1n c\u00f3digo JavaScript en el navegador de la v\u00edctima en tiempo de visualizaci\u00f3n. El script \"data_sources.php\" muestra la informaci\u00f3n de gesti\u00f3n de la fuente de datos (por ejemplo, ruta de la fuente de datos, configuraci\u00f3n de sondeo, etc.) para diferentes visualizaciones de datos de la aplicaci\u00f3n cacti. CENSUS descubri\u00f3 que un adversario que es capaz de configurar un nombre de dispositivo malicioso, puede desplegar un ataque de XSS almacenado contra cualquier usuario con los mismos privilegios (o m\u00e1s amplios). Un usuario que posea los permisos de Administraci\u00f3n General-Sitios/Dispositivos/Datos puede configurar los nombres de los dispositivos en cacti. Esta configuraci\u00f3n se produce a trav\u00e9s de \"http://\u003cHOST\u003e/cacti/host.php\", mientras que el payload malicioso renderizado se exhibe en \"http://\u003cHOST\u003e/cacti/data_sources.php\". Esta vulnerabilidad se ha solucionado en la versi\u00f3n 1.2.25. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deber\u00e1n filtrar manualmente la salida HTML. 
" } ], "id": "CVE-2023-39366", "lastModified": "2024-11-21T08:15:15.150", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 0.9, "impactScore": 5.2, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-09-05T21:15:46.963", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-rwhh-xxm6-vcrv" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "security-advisories@github.com", "url": 
"https://www.debian.org/security/2023/dsa-5550" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-rwhh-xxm6-vcrv" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.debian.org/security/2023/dsa-5550" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 37 | |
fedoraproject | fedora | 38 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8", "versionEndExcluding": "1.2.25", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_\u0027s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim\u0027s browser at view-time. The script under `data_sources.php` displays the data source management information (e.g. data source path, polling configuration etc.) for different data visualizations of the _cacti_ app. CENSUS found that an adversary that is able to configure a malicious data-source path, can deploy a stored XSS attack against any user of the same (or broader) privileges. A user that possesses the \u0027General Administration\u003eSites/Devices/Data\u0027 permissions can configure the data source path in Cacti. This configuration occurs through `http://\u003cHOST\u003e/cacti/data_sources.php`. The same page can be used for previewing the data source path. This issue has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to upgrade should manually escape HTML output.\n" }, { "lang": "es", "value": "Cacti es un framework de monitorizaci\u00f3n operativa y gesti\u00f3n de fallos de c\u00f3digo abierto. 
Las versiones afectadas est\u00e1n sujetas a una vulnerabilidad de Cross-Site Scripting (XSS) almacenado que permite a un usuario autenticado envenenar los datos almacenados en la base de datos de cacti. Estos datos ser\u00e1n visualizados por las cuentas administrativas de cacti y ejecutar\u00e1n c\u00f3digo JavaScript en el navegador de la v\u00edctima en tiempo de visualizaci\u00f3n. El script bajo `data_sources.php` muestra la informaci\u00f3n de gesti\u00f3n de la fuente de datos (por ejemplo, ruta de la fuente de datos, configuraci\u00f3n de sondeo, etc.) para diferentes visualizaciones de datos de la aplicaci\u00f3n _cacti_. CENSUS descubri\u00f3 que un adversario que es capaz de configurar una ruta de fuente de datos maliciosa, puede implementar un ataque XSS almacenado contra cualquier usuario que tenga los mismos (o m\u00e1s amplios) privilegios. Un usuario que posea los permisos \u0027General Administration\u003eSites/Devices/Data\u0027, puede configurar la ruta de la fuente de datos en Cacti. Esta configuraci\u00f3n ocurre a trav\u00e9s de `http://\u003cHOST\u003e/cacti/data_sources.php`. La misma p\u00e1gina se puede utilizar para obtener una vista previa de la ruta de la fuente de datos. Este problema se solucion\u00f3 en la versi\u00f3n 1.2.25. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deben escapar manualmente la salida HTML."
} ], "id": "CVE-2023-39516", "lastModified": "2024-11-21T08:15:34.890", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 0.9, "impactScore": 5.2, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-09-05T22:15:09.180", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-r8qq-88g3-hmgv" }, { "source": "security-advisories@github.com", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": 
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "security-advisories@github.com", "url": "https://www.debian.org/security/2023/dsa-5550" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-r8qq-88g3-hmgv" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.debian.org/security/2023/dsa-5550" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 37 | |
fedoraproject | fedora | 38 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8", "versionEndExcluding": "1.2.25", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_\u0027s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim\u0027s browser at view-time. The `reports_admin.php` script displays reporting information about graphs, devices, data sources etc.\nCENSUS found that an adversary that is able to configure a malicious Device name, can deploy a stored XSS attack against any user of the same (or broader) privileges. A user that possesses the _General Administration\u003eSites/Devices/Data_ permissions can configure the device names in _cacti_. This configuration occurs through `http://\u003cHOST\u003e/cacti/host.php`, while the rendered malicious payload is exhibited at `http://\u003cHOST\u003e/cacti/reports_admin.php` when a graph with the maliciously altered device name is linked to the report. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output."
}, { "lang": "es", "value": "Cacti es un framework de monitorizaci\u00f3n operativo y gesti\u00f3n de fallos de c\u00f3digo abierto. Las versiones afectadas est\u00e1n sujetas a una vulnerabilidad de Cross-Site Scripting (XSS) almacenado que permite a un usuario autenticado envenenar los datos almacenados en la base de datos de _cacti_. Estos datos ser\u00e1n vistos por las cuentas administrativas de _cacti_ y ejecutar\u00e1n c\u00f3digo JavaScript en el navegador de la v\u00edctima en tiempo de visualizaci\u00f3n. El script `reports_admin.php` muestra informaci\u00f3n de informes sobre gr\u00e1ficos, dispositivos, fuentes de datos, etc. CENSUS descubri\u00f3 que un adversario que puede configurar un nombre de dispositivo malicioso puede implementar un ataque XSS almacenado contra cualquier usuario con los mismos (o m\u00e1s amplios) privilegios. Un usuario que posee los permisos _Administraci\u00f3n general\u003eSitios/Dispositivos/Datos_ puede configurar los nombres de los dispositivos en _cacti_. Esta configuraci\u00f3n se produce a trav\u00e9s de `http://\u003cHOST\u003e/cacti/host.php`, mientras que la carga \u00fatil maliciosa representada se exhibe en `http://\u003cHOST\u003e/cacti/reports_admin.php` cuando un gr\u00e1fico con el nombre de dispositivo alterado maliciosamente est\u00e1 vinculado al informe. Esta vulnerabilidad se ha solucionado en la versi\u00f3n 1.2.25. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deben filtrar manualmente la salida HTML."
} ], "id": "CVE-2023-39510", "lastModified": "2024-11-21T08:15:34.027", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 0.9, "impactScore": 5.2, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-09-05T21:15:47.047", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-24w4-4hp2-3j8h" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "security-advisories@github.com", "url": 
"https://www.debian.org/security/2023/dsa-5550" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-24w4-4hp2-3j8h" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.debian.org/security/2023/dsa-5550" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
cacti | cacti | 0.5 | |
cacti | cacti | 0.6 | |
cacti | cacti | 0.6.1 | |
cacti | cacti | 0.6.2 | |
cacti | cacti | 0.6.3 | |
cacti | cacti | 0.6.4 | |
cacti | cacti | 0.6.5 | |
cacti | cacti | 0.6.6 | |
cacti | cacti | 0.6.7 | |
cacti | cacti | 0.6.8 | |
cacti | cacti | 0.6.8a | |
cacti | cacti | 0.8 | |
cacti | cacti | 0.8.1 | |
cacti | cacti | 0.8.2 | |
cacti | cacti | 0.8.2a | |
cacti | cacti | 0.8.3 | |
cacti | cacti | 0.8.3a | |
cacti | cacti | 0.8.4 | |
cacti | cacti | 0.8.5 | |
cacti | cacti | 0.8.5a | |
cacti | cacti | 0.8.6 | |
cacti | cacti | 0.8.6a | |
cacti | cacti | 0.8.6b | |
cacti | cacti | 0.8.6c | |
cacti | cacti | 0.8.6d | |
cacti | cacti | 0.8.6f | |
cacti | cacti | 0.8.6g | |
cacti | cacti | 0.8.6h | |
cacti | cacti | 0.8.6i | |
cacti | cacti | 0.8.6j | |
cacti | cacti | 0.8.6k | |
cacti | cacti | 0.8.7 | |
cacti | cacti | 0.8.7a | |
cacti | cacti | 0.8.7b | |
cacti | cacti | 0.8.7c | |
cacti | cacti | 0.8.7d |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "A034AA62-ECC3-4361-9E42-A1218F9EB2E1", "versionEndIncluding": "0.8.7e", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.5:-:*:*:*:*:*:*", "matchCriteriaId": "015D2C09-205B-426B-9118-13CAC82BDF97", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "CF50D0E4-94BC-433F-8986-4E2D9AF61A98", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "8BE433B1-7F0B-4D16-8FD5-A5E193EC983A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "CD541744-A938-44A8-89A5-DE1B39DA1301", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4D7A1EE2-2C80-46B2-B55A-17D200D722BB", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "594CCB0C-4DEA-4ECC-93FE-FDAD231F22CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "21352C22-E89D-482E-A704-1E1EFE0F4959", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "51B3887B-078A-459D-AFCF-4BDBDB3B1EF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "B4611FB4-7B8D-4DCA-9BFC-87585E16129B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "1740FA47-7129-47C0-9EA8-3D5FE1881AAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.8a:*:*:*:*:*:*:*", "matchCriteriaId": "330C515B-6DD0-4C41-97C8-87689CD443F5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B44E0187-3577-4770-8D76-10F64F6400B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": 
"D3E6282B-B403-45AD-B1EC-82257EEA1A43", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "0936E4B2-D89C-44B3-9082-77FA369BA280", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2a:*:*:*:*:*:*:*", "matchCriteriaId": "A1257552-9117-45EE-B77C-00879E1FC67B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "BA380DC2-2392-413E-AC7A-F8B854EA3108", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3a:*:*:*:*:*:*:*", "matchCriteriaId": "B530A944-0A71-4F88-AAE6-3844364FB098", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "62C554AE-AE7A-48B1-A1FF-E8E7691EA344", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "25541421-4A87-43BF-86D7-E1377CE3C859", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5a:*:*:*:*:*:*:*", "matchCriteriaId": "301E2B13-D410-4B26-9A47-F90343F47C18", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "546CE4D8-1E2E-4DEB-9FA1-DEA05F9AAE9E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6a:*:*:*:*:*:*:*", "matchCriteriaId": "45C420D9-45EB-40EF-BB9D-BBB5BB7DA6D7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6b:*:*:*:*:*:*:*", "matchCriteriaId": "D5FE1D7F-5A32-4C66-8B7E-7F790F1D9AAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6c:*:*:*:*:*:*:*", "matchCriteriaId": "EE910AB1-7D04-4743-9963-BBA191EE4078", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6d:*:*:*:*:*:*:*", "matchCriteriaId": "C4290992-9EF9-41D4-8AB5-6744370A25E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6f:*:*:*:*:*:*:*", "matchCriteriaId": "DB41A3C5-D03A-4B1F-B841-A9F5021A59F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6g:*:*:*:*:*:*:*", "matchCriteriaId": 
"0F794F36-3073-43C5-A6C7-BADBCF6B735E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6h:*:*:*:*:*:*:*", "matchCriteriaId": "76CB86A0-E3A9-4A43-B98B-46654EFE21A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6i:*:*:*:*:*:*:*", "matchCriteriaId": "8D62D429-7BDE-47DE-B466-0732DAC3F70E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6j:*:*:*:*:*:*:*", "matchCriteriaId": "6893355E-2F64-416D-9AED-898E6D1123F8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6k:*:*:*:*:*:*:*", "matchCriteriaId": "9B41942D-A4A9-4916-99E6-DA36EB747BF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "191A8F3B-EDFA-47AA-B7B1-95B4C05AFD7A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7a:*:*:*:*:*:*:*", "matchCriteriaId": "7A8C1715-DCA1-4C83-B817-9366172CFC1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7b:*:*:*:*:*:*:*", "matchCriteriaId": "307B69DB-CFFB-49BA-A126-134EEE735FCC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7c:*:*:*:*:*:*:*", "matchCriteriaId": "6532CB60-B8FA-418D-B077-FCC4EE24C1A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7d:*:*:*:*:*:*:*", "matchCriteriaId": "2B53567F-C65B-4E1F-BBF7-4F55C845A83A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in (1) the FQDN field of a Device or (2) the Vertical Label field of a Graph Template." 
}, { "lang": "es", "value": "Cacti antes de v0.8.7f, tal como se utiliza en Red Hat High Performance Computing (HPC) Solution y otros productos, permite a los administradores remotos autenticados ejecutar c\u00f3digo arbitrario a trav\u00e9s de metacaracteres de shell en (1) el campo FQDN (Nombre de dominio completo) de un \u0027Device\u0027 o (2) en el campo \u0027Vertical Label\u0027 de una plantilla de gr\u00e1fico." } ], "id": "CVE-2010-1645", "lastModified": "2024-11-21T01:14:52.653", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2010-08-23T22:00:02.907", "references": [ { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/41041" }, { "source": "secalert@redhat.com", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=5778" }, { "source": "secalert@redhat.com", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=5782" }, { "source": "secalert@redhat.com", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=5784" }, { "source": "secalert@redhat.com", "url": "http://www.bonsai-sec.com/en/research/vulnerabilities/cacti-os-command-injection-0105.php" }, { "source": "secalert@redhat.com", "url": "http://www.cacti.net/release_notes_0_8_7f.php" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/2132" }, { 
"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=609115" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/41041" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=5778" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=5782" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=5784" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.bonsai-sec.com/en/research/vulnerabilities/cacti-os-command-injection-0105.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.cacti.net/release_notes_0_8_7f.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=609115" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | 0.6.7 | |
cacti | cacti | 0.8 | |
cacti | cacti | 0.8.1 | |
cacti | cacti | 0.8.2 | |
cacti | cacti | 0.8.2a | |
cacti | cacti | 0.8.3 | |
cacti | cacti | 0.8.3a | |
cacti | cacti | 0.8.4 | |
cacti | cacti | 0.8.5 | |
cacti | cacti | 0.8.5a | |
cacti | cacti | 0.8.6c | |
cacti | cacti | 0.8.6f | |
cacti | cacti | 0.8.6i | |
cacti | cacti | 0.8.6j | |
cacti | cacti | 0.8.7 | |
cacti | cacti | 0.8.7a |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:0.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "B4611FB4-7B8D-4DCA-9BFC-87585E16129B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B44E0187-3577-4770-8D76-10F64F6400B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3E6282B-B403-45AD-B1EC-82257EEA1A43", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "0936E4B2-D89C-44B3-9082-77FA369BA280", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2a:*:*:*:*:*:*:*", "matchCriteriaId": "A1257552-9117-45EE-B77C-00879E1FC67B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "BA380DC2-2392-413E-AC7A-F8B854EA3108", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3a:*:*:*:*:*:*:*", "matchCriteriaId": "B530A944-0A71-4F88-AAE6-3844364FB098", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "62C554AE-AE7A-48B1-A1FF-E8E7691EA344", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "25541421-4A87-43BF-86D7-E1377CE3C859", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5a:*:*:*:*:*:*:*", "matchCriteriaId": "301E2B13-D410-4B26-9A47-F90343F47C18", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6c:*:*:*:*:*:*:*", "matchCriteriaId": "EE910AB1-7D04-4743-9963-BBA191EE4078", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6f:*:*:*:*:*:*:*", "matchCriteriaId": "DB41A3C5-D03A-4B1F-B841-A9F5021A59F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6i:*:*:*:*:*:*:*", "matchCriteriaId": "8D62D429-7BDE-47DE-B466-0732DAC3F70E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6j:*:*:*:*:*:*:*", "matchCriteriaId": "6893355E-2F64-416D-9AED-898E6D1123F8", 
"vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "191A8F3B-EDFA-47AA-B7B1-95B4C05AFD7A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7a:*:*:*:*:*:*:*", "matchCriteriaId": "7A8C1715-DCA1-4C83-B817-9366172CFC1D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the (1) graph_list parameter to graph_view.php, (2) leaf_id and id parameters to tree.php, (3) local_graph_id parameter to graph_xport.php, and (4) login_username parameter to index.php/login." }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en Cacti 0.8.7 anterior a 0.8.7b y 0.8.6 anterior a 0.8.6k. que permite a usuarios autentificados remotamente ejecutar comandos SQL de su elecci\u00f3n a trav\u00e9s de los par\u00e1metros: (1) graph_list a graph_view.php, (2) leaf_id e id a tree.php, (3) local_graph_id a graph_xport.php y (4) login_username a index.php/login." 
} ], "id": "CVE-2008-0785", "lastModified": "2024-11-21T00:42:54.333", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2008-02-14T23:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28872" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/28976" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/29242" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/29274" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/30045" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200803-18.xml" }, { "source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/3657" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.cacti.net/release_notes_0_8_7b.php" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2008/dsa-1569" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:052" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/488013/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/488018/100/0/threaded" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch" ], "url": 
"http://www.securityfocus.com/bid/27749" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1019414" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/0540" }, { "source": "cve@mitre.org", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432758" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28872" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28976" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29242" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29274" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30045" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200803-18.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/3657" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.cacti.net/release_notes_0_8_7b.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1569" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:052" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/488013/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", 
"url": "http://www.securityfocus.com/archive/1/488018/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/27749" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1019414" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/0540" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432758" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
cacti | cacti | 0.5 | |
cacti | cacti | 0.6 | |
cacti | cacti | 0.6.1 | |
cacti | cacti | 0.6.2 | |
cacti | cacti | 0.6.3 | |
cacti | cacti | 0.6.4 | |
cacti | cacti | 0.6.5 | |
cacti | cacti | 0.6.6 | |
cacti | cacti | 0.6.7 | |
cacti | cacti | 0.6.8 | |
cacti | cacti | 0.6.8a | |
cacti | cacti | 0.8 | |
cacti | cacti | 0.8.1 | |
cacti | cacti | 0.8.2 | |
cacti | cacti | 0.8.2a | |
cacti | cacti | 0.8.3 | |
cacti | cacti | 0.8.3a | |
cacti | cacti | 0.8.4 | |
cacti | cacti | 0.8.5 | |
cacti | cacti | 0.8.5a | |
cacti | cacti | 0.8.6 | |
cacti | cacti | 0.8.6a | |
cacti | cacti | 0.8.6b | |
cacti | cacti | 0.8.6c | |
cacti | cacti | 0.8.6d | |
cacti | cacti | 0.8.6f | |
cacti | cacti | 0.8.6g | |
cacti | cacti | 0.8.6h | |
cacti | cacti | 0.8.6i | |
cacti | cacti | 0.8.6j | |
cacti | cacti | 0.8.6k | |
cacti | cacti | 0.8.7 | |
cacti | cacti | 0.8.7a | |
cacti | cacti | 0.8.7b | |
cacti | cacti | 0.8.7c | |
cacti | cacti | 0.8.7d | |
cacti | cacti | 0.8.7e |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "921BD859-6432-492B-887B-B9A172ED2113", "versionEndIncluding": "0.8.7g", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.5:-:*:*:*:*:*:*", "matchCriteriaId": "015D2C09-205B-426B-9118-13CAC82BDF97", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "CF50D0E4-94BC-433F-8986-4E2D9AF61A98", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "8BE433B1-7F0B-4D16-8FD5-A5E193EC983A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "CD541744-A938-44A8-89A5-DE1B39DA1301", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4D7A1EE2-2C80-46B2-B55A-17D200D722BB", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "594CCB0C-4DEA-4ECC-93FE-FDAD231F22CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "21352C22-E89D-482E-A704-1E1EFE0F4959", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "51B3887B-078A-459D-AFCF-4BDBDB3B1EF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "B4611FB4-7B8D-4DCA-9BFC-87585E16129B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "1740FA47-7129-47C0-9EA8-3D5FE1881AAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.8a:*:*:*:*:*:*:*", "matchCriteriaId": "330C515B-6DD0-4C41-97C8-87689CD443F5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B44E0187-3577-4770-8D76-10F64F6400B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": 
"D3E6282B-B403-45AD-B1EC-82257EEA1A43", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "0936E4B2-D89C-44B3-9082-77FA369BA280", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2a:*:*:*:*:*:*:*", "matchCriteriaId": "A1257552-9117-45EE-B77C-00879E1FC67B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "BA380DC2-2392-413E-AC7A-F8B854EA3108", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3a:*:*:*:*:*:*:*", "matchCriteriaId": "B530A944-0A71-4F88-AAE6-3844364FB098", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "62C554AE-AE7A-48B1-A1FF-E8E7691EA344", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "25541421-4A87-43BF-86D7-E1377CE3C859", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5a:*:*:*:*:*:*:*", "matchCriteriaId": "301E2B13-D410-4B26-9A47-F90343F47C18", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "546CE4D8-1E2E-4DEB-9FA1-DEA05F9AAE9E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6a:*:*:*:*:*:*:*", "matchCriteriaId": "45C420D9-45EB-40EF-BB9D-BBB5BB7DA6D7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6b:*:*:*:*:*:*:*", "matchCriteriaId": "D5FE1D7F-5A32-4C66-8B7E-7F790F1D9AAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6c:*:*:*:*:*:*:*", "matchCriteriaId": "EE910AB1-7D04-4743-9963-BBA191EE4078", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6d:*:*:*:*:*:*:*", "matchCriteriaId": "C4290992-9EF9-41D4-8AB5-6744370A25E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6f:*:*:*:*:*:*:*", "matchCriteriaId": "DB41A3C5-D03A-4B1F-B841-A9F5021A59F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6g:*:*:*:*:*:*:*", "matchCriteriaId": 
"0F794F36-3073-43C5-A6C7-BADBCF6B735E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6h:*:*:*:*:*:*:*", "matchCriteriaId": "76CB86A0-E3A9-4A43-B98B-46654EFE21A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6i:*:*:*:*:*:*:*", "matchCriteriaId": "8D62D429-7BDE-47DE-B466-0732DAC3F70E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6j:*:*:*:*:*:*:*", "matchCriteriaId": "6893355E-2F64-416D-9AED-898E6D1123F8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6k:*:*:*:*:*:*:*", "matchCriteriaId": "9B41942D-A4A9-4916-99E6-DA36EB747BF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "191A8F3B-EDFA-47AA-B7B1-95B4C05AFD7A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7a:*:*:*:*:*:*:*", "matchCriteriaId": "7A8C1715-DCA1-4C83-B817-9366172CFC1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7b:*:*:*:*:*:*:*", "matchCriteriaId": "307B69DB-CFFB-49BA-A126-134EEE735FCC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7c:*:*:*:*:*:*:*", "matchCriteriaId": "6532CB60-B8FA-418D-B077-FCC4EE24C1A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7d:*:*:*:*:*:*:*", "matchCriteriaId": "2B53567F-C65B-4E1F-BBF7-4F55C845A83A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7e:*:*:*:*:*:*:*", "matchCriteriaId": "CB3DC32A-09AF-4DC9-A78E-E951847B76A8", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter." }, { "lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en auth_login.php de Cacti en versiones anteriores a 0.8.7h permite a atacantes remotos ejecutar comandos SQL de su elecci\u00f3n a trav\u00e9s del par\u00e1metro login_username." 
} ], "id": "CVE-2011-4824", "lastModified": "2024-11-21T01:33:04.227", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2011-12-15T03:57:34.607", "references": [ { "source": "cve@mitre.org", "url": "http://bugs.cacti.net/view.php?id=2062" }, { "source": "cve@mitre.org", "url": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=44116" }, { "source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069126.html" }, { "source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069137.html" }, { "source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069141.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/44133" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/46876" }, { "source": "cve@mitre.org", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6807" }, { "source": "cve@mitre.org", "url": "http://www.cacti.net/release_notes_0_8_7h.php" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/50671" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71326" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.cacti.net/view.php?id=2062" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", 
"url": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=44116" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069126.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069137.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069141.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/44133" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/46876" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6807" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.cacti.net/release_notes_0_8_7h.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/50671" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71326" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
fedoraproject | fedora | 19 | |
fedoraproject | fedora | 20 | |
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 | |
cacti | cacti | 0.8.7g | |
debian | debian_linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", "matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7g:*:*:*:*:*:*:*", "matchCriteriaId": "F9C0E835-9CB2-4700-8216-EC2F1BCB4CB6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in cdef.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." }, { "lang": "es", "value": "Vulnerabilidad de XSS en cdef.php en Cacti 0.8.7g, 0.8.8b y versiones anteriores permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de vectores no especificados." 
} ], "id": "CVE-2014-2326", "lastModified": "2024-11-21T02:06:04.953", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2014-03-27T16:55:05.693", "references": [ { "source": "cve@mitre.org", "tags": [ "Issue Tracking" ], "url": "http://bugs.cacti.net/view.php?id=2431" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/125849/Deutsche-Telekom-CERT-Advisory-DTC-A-20140324-001.html" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/57647" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/59203" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7443" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2014/dsa-2970" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": 
"http://www.securityfocus.com/archive/1/531588" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/66390" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201509-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking" ], "url": "http://bugs.cacti.net/view.php?id=2431" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/125849/Deutsche-Telekom-CERT-Advisory-DTC-A-20140324-001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/57647" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/59203" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7443" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2014/dsa-2970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/531588" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/66390" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201509-03" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | 1.2.8 | |
fedoraproject | fedora | 30 | |
fedoraproject | fedora | 31 | |
fedoraproject | fedora | 32 | |
opmantek | open-audit | 3.3.1 | |
opensuse | suse_package_hub | * | |
opensuse | suse_linux_enterprise_server | 12.0 | |
debian | debian_linux | 10.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "2D05824B-4E66-44CA-A862-0DDDB23C8C88", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:opmantek:open-audit:3.3.1:*:*:*:-:*:*:*", "matchCriteriaId": "89AEB128-B4F3-447F-B458-D4A34A477979", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:suse_package_hub:*:*:*:*:*:*:*:*", "matchCriteriaId": "90EA34D4-1AF5-4D1E-AA95-63C605BE1386", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*", "matchCriteriaId": "BC3D1104-C0AA-45DE-86A1-5D7CC8281B39", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege." 
}, { "lang": "es", "value": "El archivo graph_realtime.php en Cacti versi\u00f3n 1.2.8, permite a atacantes remotos ejecutar comandos arbitrarios de Sistema Operativo por medio de metacaracteres de shell en una cookie, si un usuario invitado posee el privilegio graph real-time." } ], "id": "CVE-2020-8813", "lastModified": "2024-11-21T05:39:29.410", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-02-22T02:15:10.553", "references": [ { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/156537/Cacti-1.2.8-Unauthenticated-Remote-Code-Execution.html" }, { 
"source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/156538/Cacti-1.2.8-Authenticated-Remote-Code-Execution.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/156593/Cacti-1.2.8-Unauthenticated-Remote-Code-Execution.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/157477/Open-AudIT-Professional-3.3.1-Remote-Code-Execution.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://drive.google.com/file/d/1A8hxTyk_NgSp04zPX-23nPbsSDeyDFio/view" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://gist.github.com/mhaskar/ebe6b74c32fd0f7e1eedf1aabfd44129" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/3285" }, { "source": "cve@mitre.org", "tags": [ "Release Notes" ], "url": "https://github.com/Cacti/cacti/releases" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M77SS33IDVNGBU566TK2XVULPW3RXUQ4/" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WAX3LDXPIKWNBGVZSIMZV7LI5K6BZRTO/" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XEMDQXDRNQYXOME7TACKDVCXZXZNGZE2/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202004-16" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], 
"url": "https://shells.systems/cacti-v1-2-8-authenticated-remote-code-execution-cve-2020-8813/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/156537/Cacti-1.2.8-Unauthenticated-Remote-Code-Execution.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/156538/Cacti-1.2.8-Authenticated-Remote-Code-Execution.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/156593/Cacti-1.2.8-Unauthenticated-Remote-Code-Execution.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/157477/Open-AudIT-Professional-3.3.1-Remote-Code-Execution.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://drive.google.com/file/d/1A8hxTyk_NgSp04zPX-23nPbsSDeyDFio/view" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://gist.github.com/mhaskar/ebe6b74c32fd0f7e1eedf1aabfd44129" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/3285" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://github.com/Cacti/cacti/releases" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M77SS33IDVNGBU566TK2XVULPW3RXUQ4/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WAX3LDXPIKWNBGVZSIMZV7LI5K6BZRTO/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XEMDQXDRNQYXOME7TACKDVCXZXZNGZE2/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202004-16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://shells.systems/cacti-v1-2-8-authenticated-remote-code-execution-cve-2020-8813/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-78" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/Cacti/cacti/issues/1066 | Exploit, Issue Tracking, Patch | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/issues/1066 | Exploit, Issue Tracking, Patch |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.1.27:*:*:*:*:*:*:*", "matchCriteriaId": "90B513DA-BA6E-4BE9-B299-F02F3784262C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti 1.1.27 allows remote authenticated administrators to read arbitrary files by placing the Log Path into a private directory, and then making a clog.php?filename= request, as demonstrated by filename=passwd (with a Log Path under /etc) to read /etc/passwd." }, { "lang": "es", "value": "Cacti 1.1.27 permite que administradores remotos autenticados lean archivos arbitrarios colocando la ruta de acceso a registros en un directorio privado y, a continuaci\u00f3n, realizando una petici\u00f3n clog.php?filename=, tal y como demuestra filename=passwd (con una ruta de acceso a registros bajo /etc) para leer /etc/passwd." } ], "id": "CVE-2017-16661", "lastModified": "2024-11-21T03:16:46.757", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 1.2, "impactScore": 
3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-11-08T05:29:00.280", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Patch" ], "url": "https://github.com/Cacti/cacti/issues/1066" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Patch" ], "url": "https://github.com/Cacti/cacti/issues/1066" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html | Mailing List, Third Party Advisory | |
secalert@redhat.com | https://www.cacti.net/info/changelog | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.cacti.net/info/changelog | Release Notes, Vendor Advisory |
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | 1.1.38 | |
debian | debian_linux | 9.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.1.38:*:*:*:*:*:*:*", "matchCriteriaId": "FEFA713C-B4BF-4F75-BF58-68904DC58CB6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary web script or HTML in the \"new_username\" field during creation of a new user via \"Copy\" method at user_admin.php." }, { "lang": "es", "value": "Cacti versi\u00f3n 1.1.38, permite a usuarios autenticados con permisos de administraci\u00f3n de usuarios inyectar un script web o HTML arbitrario en el campo \"new_username\" durante la creaci\u00f3n de un nuevo usuario por medio del m\u00e9todo \"Copy\" en el archivo user_admin.php" } ], "id": "CVE-2021-23225", "lastModified": "2024-11-21T05:51:24.213", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", 
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-01-19T21:15:08.087", "references": [ { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" }, { "source": "secalert@redhat.com", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://www.cacti.net/info/changelog" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://www.cacti.net/info/changelog" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "secalert@redhat.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 39 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "47529989-64EF-4CBB-AF1D-28A7C1CF36B3", "versionEndExcluding": "1.2.27", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `automation_tree_rules.php` is not thoroughly checked and is used to concatenate the SQL statement in `create_all_header_nodes()` function from `lib/api_automation.php` , finally resulting in SQL injection. Using SQL based secondary injection technology, attackers can modify the contents of the Cacti database, and based on the modified content, it may be possible to achieve further impact, such as arbitrary file reading, and even remote code execution through arbitrary file writing. Version 1.2.27 contains a patch for the issue." }, { "lang": "es", "value": "Cacti proporciona un framework de monitoreo operativo y gesti\u00f3n de fallas. Antes de la versi\u00f3n 1.2.27, algunos de los datos almacenados en `automation_tree_rules.php` no se verifican minuciosamente y se usan para concatenar la declaraci\u00f3n SQL en la funci\u00f3n `create_all_header_nodes()` de `lib/api_automation.php`, lo que finalmente da como resultado SQL inyecci\u00f3n. Al utilizar la tecnolog\u00eda de inyecci\u00f3n secundaria basada en SQL, los atacantes pueden modificar el contenido de la base de datos de Cacti y, en funci\u00f3n del contenido modificado, es posible lograr un mayor impacto, como la lectura de archivos arbitrarios e incluso la ejecuci\u00f3n remota de c\u00f3digo mediante la escritura de archivos arbitrarios. 
La versi\u00f3n 1.2.27 contiene un parche para el problema." } ], "id": "CVE-2024-31460", "lastModified": "2024-12-18T20:38:39.747", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-05-14T15:25:26.897", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv" }, { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r" }, { "source": "security-advisories@github.com", "tags": [ "Product" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": 
"https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "A4F5AE29-35EB-4B0E-8304-F5520AAE998B", "versionEndIncluding": "1.2.7", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti through 1.2.7 is affected by a graphs.php?template_id= SQL injection vulnerability affecting how template identifiers are handled when a string and id composite value are used to identify the template type and id. An authenticated attacker can exploit this to extract data from the database, or an unauthenticated remote attacker could exploit this via Cross-Site Request Forgery." }, { "lang": "es", "value": "Cacti versiones hasta 1.2.7, est\u00e1 afectado por una vulnerabilidad de inyecci\u00f3n SQL de graphs.php?template_id= afectando la forma en que son manejados los identificadores de plantilla cuando una cadena y un valor compuesto de id son usados para identificar el tipo de plantilla y la identificaci\u00f3n. Un atacante autenticado puede explotar esto para extraer datos desde la base de datos, o un atacante remoto no autenticado podr\u00eda explotar esto por medio de un ataque de tipo Cross-Site Request Forgery." 
} ], "id": "CVE-2019-17357", "lastModified": "2024-11-21T04:32:09.900", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-01-21T19:15:13.067", "references": [ { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947374" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/3025" }, { "source": "cve@mitre.org", "url": 
"https://security.gentoo.org/glsa/202003-40" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "https://www.darkmatter.ae/xen1thlabs/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947374" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/3025" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202003-40" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://www.darkmatter.ae/xen1thlabs/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.securityfocus.com/bid/100080 | ||
cve@mitre.org | https://cacti.net/release_notes.php?version=1.1.16 | Release Notes, Vendor Advisory | |
cve@mitre.org | https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e | Issue Tracking, Patch, Third Party Advisory | |
cve@mitre.org | https://github.com/Cacti/cacti/issues/877 | Issue Tracking, Patch, Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201711-10 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100080 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://cacti.net/release_notes.php?version=1.1.16 | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/issues/877 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201711-10 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "A36ACCD5-4309-4B3A-AC08-578B0B95F53E", "versionEndIncluding": "1.1.15", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "spikekill.php in Cacti before 1.1.16 might allow remote attackers to execute arbitrary code via the avgnan, outlier-start, or outlier-end parameter." }, { "lang": "es", "value": "spikekill.php en Cacti en versiones anteriores a la 1.1.16 puede permitir a los atacantes remotos ejecutar c\u00f3digo arbitrario mediante el par\u00e1metro avgnan, outlier-start o outlier-end." } ], "id": "CVE-2017-12065", "lastModified": "2024-11-21T03:08:45.673", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-08-01T05:29:00.257", "references": [ { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/100080" }, { "source": 
"cve@mitre.org", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://cacti.net/release_notes.php?version=1.1.16" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/877" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201711-10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/100080" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://cacti.net/release_notes.php?version=1.1.16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/877" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201711-10" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
cacti | cacti | 0.5 | |
cacti | cacti | 0.6 | |
cacti | cacti | 0.6.1 | |
cacti | cacti | 0.6.2 | |
cacti | cacti | 0.6.3 | |
cacti | cacti | 0.6.4 | |
cacti | cacti | 0.6.5 | |
cacti | cacti | 0.6.6 | |
cacti | cacti | 0.6.7 | |
cacti | cacti | 0.6.8 | |
cacti | cacti | 0.6.8a | |
cacti | cacti | 0.8 | |
cacti | cacti | 0.8.1 | |
cacti | cacti | 0.8.2 | |
cacti | cacti | 0.8.2a | |
cacti | cacti | 0.8.3 | |
cacti | cacti | 0.8.3a | |
cacti | cacti | 0.8.4 | |
cacti | cacti | 0.8.5 | |
cacti | cacti | 0.8.5a | |
cacti | cacti | 0.8.6 | |
cacti | cacti | 0.8.6a | |
cacti | cacti | 0.8.6b | |
cacti | cacti | 0.8.6c | |
cacti | cacti | 0.8.6d | |
cacti | cacti | 0.8.6f | |
cacti | cacti | 0.8.6g | |
cacti | cacti | 0.8.6h | |
cacti | cacti | 0.8.6i | |
cacti | cacti | 0.8.6j | |
cacti | cacti | 0.8.6k | |
cacti | cacti | 0.8.7 | |
cacti | cacti | 0.8.7a | |
cacti | cacti | 0.8.7b | |
cacti | cacti | 0.8.7c | |
cacti | cacti | 0.8.7d |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "A034AA62-ECC3-4361-9E42-A1218F9EB2E1", "versionEndIncluding": "0.8.7e", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.5:-:*:*:*:*:*:*", "matchCriteriaId": "015D2C09-205B-426B-9118-13CAC82BDF97", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "CF50D0E4-94BC-433F-8986-4E2D9AF61A98", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "8BE433B1-7F0B-4D16-8FD5-A5E193EC983A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "CD541744-A938-44A8-89A5-DE1B39DA1301", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4D7A1EE2-2C80-46B2-B55A-17D200D722BB", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "594CCB0C-4DEA-4ECC-93FE-FDAD231F22CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "21352C22-E89D-482E-A704-1E1EFE0F4959", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "51B3887B-078A-459D-AFCF-4BDBDB3B1EF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "B4611FB4-7B8D-4DCA-9BFC-87585E16129B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "1740FA47-7129-47C0-9EA8-3D5FE1881AAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.8a:*:*:*:*:*:*:*", "matchCriteriaId": "330C515B-6DD0-4C41-97C8-87689CD443F5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B44E0187-3577-4770-8D76-10F64F6400B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": 
"D3E6282B-B403-45AD-B1EC-82257EEA1A43", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "0936E4B2-D89C-44B3-9082-77FA369BA280", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2a:*:*:*:*:*:*:*", "matchCriteriaId": "A1257552-9117-45EE-B77C-00879E1FC67B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "BA380DC2-2392-413E-AC7A-F8B854EA3108", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3a:*:*:*:*:*:*:*", "matchCriteriaId": "B530A944-0A71-4F88-AAE6-3844364FB098", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "62C554AE-AE7A-48B1-A1FF-E8E7691EA344", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "25541421-4A87-43BF-86D7-E1377CE3C859", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5a:*:*:*:*:*:*:*", "matchCriteriaId": "301E2B13-D410-4B26-9A47-F90343F47C18", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "546CE4D8-1E2E-4DEB-9FA1-DEA05F9AAE9E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6a:*:*:*:*:*:*:*", "matchCriteriaId": "45C420D9-45EB-40EF-BB9D-BBB5BB7DA6D7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6b:*:*:*:*:*:*:*", "matchCriteriaId": "D5FE1D7F-5A32-4C66-8B7E-7F790F1D9AAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6c:*:*:*:*:*:*:*", "matchCriteriaId": "EE910AB1-7D04-4743-9963-BBA191EE4078", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6d:*:*:*:*:*:*:*", "matchCriteriaId": "C4290992-9EF9-41D4-8AB5-6744370A25E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6f:*:*:*:*:*:*:*", "matchCriteriaId": "DB41A3C5-D03A-4B1F-B841-A9F5021A59F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6g:*:*:*:*:*:*:*", "matchCriteriaId": 
"0F794F36-3073-43C5-A6C7-BADBCF6B735E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6h:*:*:*:*:*:*:*", "matchCriteriaId": "76CB86A0-E3A9-4A43-B98B-46654EFE21A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6i:*:*:*:*:*:*:*", "matchCriteriaId": "8D62D429-7BDE-47DE-B466-0732DAC3F70E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6j:*:*:*:*:*:*:*", "matchCriteriaId": "6893355E-2F64-416D-9AED-898E6D1123F8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6k:*:*:*:*:*:*:*", "matchCriteriaId": "9B41942D-A4A9-4916-99E6-DA36EB747BF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "191A8F3B-EDFA-47AA-B7B1-95B4C05AFD7A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7a:*:*:*:*:*:*:*", "matchCriteriaId": "7A8C1715-DCA1-4C83-B817-9366172CFC1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7b:*:*:*:*:*:*:*", "matchCriteriaId": "307B69DB-CFFB-49BA-A126-134EEE735FCC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7c:*:*:*:*:*:*:*", "matchCriteriaId": "6532CB60-B8FA-418D-B077-FCC4EE24C1A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7d:*:*:*:*:*:*:*", "matchCriteriaId": "2B53567F-C65B-4E1F-BBF7-4F55C845A83A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allow remote attackers to inject arbitrary web script or HTML via the (1) hostname or (2) description parameter to host.php, or (3) the host_id parameter to data_sources.php." 
}, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en Cacti antes de v0.8.7f, tal como se utiliza en Red Hat High Performance Computing (HPC) Solution y otros productos, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de los par\u00e1metros a host.php (1) hostname o (2) description , o (3) el par\u00e1metro host_id a data_sources.php." } ], "id": "CVE-2010-1644", "lastModified": "2024-11-21T01:14:52.533", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2010-08-23T22:00:02.347", "references": [ { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/41041" }, { "source": "secalert@redhat.com", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=5901" }, { "source": "secalert@redhat.com", "url": "http://www.cacti.net/release_notes_0_8_7f.php" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/511393" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/40332" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1203" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "source": 
"secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=609093" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/41041" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=5901" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.cacti.net/release_notes_0_8_7f.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/511393" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/40332" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/1203" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=609093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF33D6C2-ADC9-4C3C-BF69-348B846CFD08", "versionEndExcluding": "1.2.6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti before 1.2.6 allows IDOR (Insecure Direct Object Reference) for accessing any graph via a modified local_graph_id parameter to graph_xport.php. This is a different vulnerability than CVE-2019-16723." }, { "lang": "es", "value": "Cacti anterior a 1.2.6 permite IDOR (Referencia directa a objetos inseguros) para acceder a cualquier gr\u00e1fico a trav\u00e9s de un par\u00e1metro local_graph_id modificado en graph_xport.php. Esta es una vulnerabilidad diferente a CVE-2019-16723." } ], "id": "CVE-2023-37543", "lastModified": "2024-11-21T08:11:54.123", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-08-10T15:15:09.397", "references": [ { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-4x82-8w8m-w8hj" }, { "source": "cve@mitre.org", "url": "https://medium.com/%40hussainfathy99/exciting-news-my-first-cve-discovery-cve-2023-37543-idor-vulnerability-in-cacti-bbb6c386afed" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-4x82-8w8m-w8hj" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"https://medium.com/%40hussainfathy99/exciting-news-my-first-cve-discovery-cve-2023-37543-idor-vulnerability-in-cacti-bbb6c386afed" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-639" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
cacti | cacti | 0.5 | |
cacti | cacti | 0.6 | |
cacti | cacti | 0.6.1 | |
cacti | cacti | 0.6.2 | |
cacti | cacti | 0.6.3 | |
cacti | cacti | 0.6.4 | |
cacti | cacti | 0.6.5 | |
cacti | cacti | 0.6.6 | |
cacti | cacti | 0.6.7 | |
cacti | cacti | 0.6.8 | |
cacti | cacti | 0.6.8a | |
cacti | cacti | 0.8 | |
cacti | cacti | 0.8.1 | |
cacti | cacti | 0.8.2 | |
cacti | cacti | 0.8.2a | |
cacti | cacti | 0.8.3 | |
cacti | cacti | 0.8.3a | |
cacti | cacti | 0.8.4 | |
cacti | cacti | 0.8.5 | |
cacti | cacti | 0.8.5a | |
cacti | cacti | 0.8.6 | |
cacti | cacti | 0.8.6a | |
cacti | cacti | 0.8.6b | |
cacti | cacti | 0.8.6c | |
cacti | cacti | 0.8.6d | |
cacti | cacti | 0.8.6f | |
cacti | cacti | 0.8.6g | |
cacti | cacti | 0.8.6h | |
cacti | cacti | 0.8.6i | |
cacti | cacti | 0.8.6j | |
cacti | cacti | 0.8.6k | |
cacti | cacti | 0.8.7 | |
cacti | cacti | 0.8.7a | |
cacti | cacti | 0.8.7b | |
cacti | cacti | 0.8.7c | |
cacti | cacti | 0.8.7d |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "A034AA62-ECC3-4361-9E42-A1218F9EB2E1", "versionEndIncluding": "0.8.7e", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.5:-:*:*:*:*:*:*", "matchCriteriaId": "015D2C09-205B-426B-9118-13CAC82BDF97", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "CF50D0E4-94BC-433F-8986-4E2D9AF61A98", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "8BE433B1-7F0B-4D16-8FD5-A5E193EC983A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "CD541744-A938-44A8-89A5-DE1B39DA1301", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4D7A1EE2-2C80-46B2-B55A-17D200D722BB", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "594CCB0C-4DEA-4ECC-93FE-FDAD231F22CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "21352C22-E89D-482E-A704-1E1EFE0F4959", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "51B3887B-078A-459D-AFCF-4BDBDB3B1EF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "B4611FB4-7B8D-4DCA-9BFC-87585E16129B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "1740FA47-7129-47C0-9EA8-3D5FE1881AAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.8a:*:*:*:*:*:*:*", "matchCriteriaId": "330C515B-6DD0-4C41-97C8-87689CD443F5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B44E0187-3577-4770-8D76-10F64F6400B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": 
"D3E6282B-B403-45AD-B1EC-82257EEA1A43", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "0936E4B2-D89C-44B3-9082-77FA369BA280", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2a:*:*:*:*:*:*:*", "matchCriteriaId": "A1257552-9117-45EE-B77C-00879E1FC67B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "BA380DC2-2392-413E-AC7A-F8B854EA3108", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3a:*:*:*:*:*:*:*", "matchCriteriaId": "B530A944-0A71-4F88-AAE6-3844364FB098", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "62C554AE-AE7A-48B1-A1FF-E8E7691EA344", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "25541421-4A87-43BF-86D7-E1377CE3C859", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5a:*:*:*:*:*:*:*", "matchCriteriaId": "301E2B13-D410-4B26-9A47-F90343F47C18", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "546CE4D8-1E2E-4DEB-9FA1-DEA05F9AAE9E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6a:*:*:*:*:*:*:*", "matchCriteriaId": "45C420D9-45EB-40EF-BB9D-BBB5BB7DA6D7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6b:*:*:*:*:*:*:*", "matchCriteriaId": "D5FE1D7F-5A32-4C66-8B7E-7F790F1D9AAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6c:*:*:*:*:*:*:*", "matchCriteriaId": "EE910AB1-7D04-4743-9963-BBA191EE4078", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6d:*:*:*:*:*:*:*", "matchCriteriaId": "C4290992-9EF9-41D4-8AB5-6744370A25E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6f:*:*:*:*:*:*:*", "matchCriteriaId": "DB41A3C5-D03A-4B1F-B841-A9F5021A59F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6g:*:*:*:*:*:*:*", "matchCriteriaId": 
"0F794F36-3073-43C5-A6C7-BADBCF6B735E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6h:*:*:*:*:*:*:*", "matchCriteriaId": "76CB86A0-E3A9-4A43-B98B-46654EFE21A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6i:*:*:*:*:*:*:*", "matchCriteriaId": "8D62D429-7BDE-47DE-B466-0732DAC3F70E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6j:*:*:*:*:*:*:*", "matchCriteriaId": "6893355E-2F64-416D-9AED-898E6D1123F8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6k:*:*:*:*:*:*:*", "matchCriteriaId": "9B41942D-A4A9-4916-99E6-DA36EB747BF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "191A8F3B-EDFA-47AA-B7B1-95B4C05AFD7A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7a:*:*:*:*:*:*:*", "matchCriteriaId": "7A8C1715-DCA1-4C83-B817-9366172CFC1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7b:*:*:*:*:*:*:*", "matchCriteriaId": "307B69DB-CFFB-49BA-A126-134EEE735FCC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7c:*:*:*:*:*:*:*", "matchCriteriaId": "6532CB60-B8FA-418D-B077-FCC4EE24C1A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7d:*:*:*:*:*:*:*", "matchCriteriaId": "2B53567F-C65B-4E1F-BBF7-4F55C845A83A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in templates_export.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the export_item_id parameter." }, { "lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en templates_export.php en Cacti v0.8.7e y anteriores permite a atacantes remotos ejecutar comandos SQL de su elecci\u00f3n a trav\u00e9s del par\u00e1metro export_item_id." 
} ], "id": "CVE-2010-1431", "lastModified": "2024-11-21T01:14:24.130", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2010-05-04T16:00:35.403", "references": [ { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=578909" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html" }, { "source": "secalert@redhat.com", "url": "http://seclists.org/fulldisclosure/2010/Apr/272" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/39568" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/39572" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/41041" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.cacti.net/downloads/patches/0.8.7e/sql_injection_template_export.patch" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2010/dsa-2039" }, { "source": "secalert@redhat.com", "url": "http://www.exploit-db.com/sploits/Bonsai-SQL_Injection_in_Cacti.pdf" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:092" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/39653" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": 
"http://www.vupen.com/english/advisories/2010/0986" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/1107" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=578909" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2010/Apr/272" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/39568" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/39572" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/41041" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.cacti.net/downloads/patches/0.8.7e/sql_injection_template_export.patch" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2010/dsa-2039" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.exploit-db.com/sploits/Bonsai-SQL_Injection_in_Cacti.pdf" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:092" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/39653" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/0986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/1107" }, { 
"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
cacti | cacti | 0.5 | |
cacti | cacti | 0.6 | |
cacti | cacti | 0.6.1 | |
cacti | cacti | 0.6.2 | |
cacti | cacti | 0.6.3 | |
cacti | cacti | 0.6.4 | |
cacti | cacti | 0.6.5 | |
cacti | cacti | 0.6.6 | |
cacti | cacti | 0.6.7 | |
cacti | cacti | 0.6.8 | |
cacti | cacti | 0.6.8a | |
cacti | cacti | 0.8 | |
cacti | cacti | 0.8.1 | |
cacti | cacti | 0.8.2 | |
cacti | cacti | 0.8.2a | |
cacti | cacti | 0.8.3 | |
cacti | cacti | 0.8.3a | |
cacti | cacti | 0.8.4 | |
cacti | cacti | 0.8.5 | |
cacti | cacti | 0.8.5a | |
cacti | cacti | 0.8.6 | |
cacti | cacti | 0.8.6a | |
cacti | cacti | 0.8.6b | |
cacti | cacti | 0.8.6c | |
cacti | cacti | 0.8.6d | |
cacti | cacti | 0.8.6f | |
cacti | cacti | 0.8.6g | |
cacti | cacti | 0.8.6h | |
cacti | cacti | 0.8.6i | |
cacti | cacti | 0.8.6j | |
cacti | cacti | 0.8.6k | |
cacti | cacti | 0.8.7 | |
cacti | cacti | 0.8.7a | |
cacti | cacti | 0.8.7b | |
cacti | cacti | 0.8.7c | |
cacti | cacti | 0.8.7d |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "A034AA62-ECC3-4361-9E42-A1218F9EB2E1", "versionEndIncluding": "0.8.7e", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.5:-:*:*:*:*:*:*", "matchCriteriaId": "015D2C09-205B-426B-9118-13CAC82BDF97", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "CF50D0E4-94BC-433F-8986-4E2D9AF61A98", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "8BE433B1-7F0B-4D16-8FD5-A5E193EC983A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "CD541744-A938-44A8-89A5-DE1B39DA1301", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4D7A1EE2-2C80-46B2-B55A-17D200D722BB", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "594CCB0C-4DEA-4ECC-93FE-FDAD231F22CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "21352C22-E89D-482E-A704-1E1EFE0F4959", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "51B3887B-078A-459D-AFCF-4BDBDB3B1EF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "B4611FB4-7B8D-4DCA-9BFC-87585E16129B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "1740FA47-7129-47C0-9EA8-3D5FE1881AAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.8a:*:*:*:*:*:*:*", "matchCriteriaId": "330C515B-6DD0-4C41-97C8-87689CD443F5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B44E0187-3577-4770-8D76-10F64F6400B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": 
"D3E6282B-B403-45AD-B1EC-82257EEA1A43", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "0936E4B2-D89C-44B3-9082-77FA369BA280", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2a:*:*:*:*:*:*:*", "matchCriteriaId": "A1257552-9117-45EE-B77C-00879E1FC67B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "BA380DC2-2392-413E-AC7A-F8B854EA3108", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3a:*:*:*:*:*:*:*", "matchCriteriaId": "B530A944-0A71-4F88-AAE6-3844364FB098", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "62C554AE-AE7A-48B1-A1FF-E8E7691EA344", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "25541421-4A87-43BF-86D7-E1377CE3C859", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5a:*:*:*:*:*:*:*", "matchCriteriaId": "301E2B13-D410-4B26-9A47-F90343F47C18", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "546CE4D8-1E2E-4DEB-9FA1-DEA05F9AAE9E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6a:*:*:*:*:*:*:*", "matchCriteriaId": "45C420D9-45EB-40EF-BB9D-BBB5BB7DA6D7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6b:*:*:*:*:*:*:*", "matchCriteriaId": "D5FE1D7F-5A32-4C66-8B7E-7F790F1D9AAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6c:*:*:*:*:*:*:*", "matchCriteriaId": "EE910AB1-7D04-4743-9963-BBA191EE4078", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6d:*:*:*:*:*:*:*", "matchCriteriaId": "C4290992-9EF9-41D4-8AB5-6744370A25E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6f:*:*:*:*:*:*:*", "matchCriteriaId": "DB41A3C5-D03A-4B1F-B841-A9F5021A59F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6g:*:*:*:*:*:*:*", "matchCriteriaId": 
"0F794F36-3073-43C5-A6C7-BADBCF6B735E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6h:*:*:*:*:*:*:*", "matchCriteriaId": "76CB86A0-E3A9-4A43-B98B-46654EFE21A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6i:*:*:*:*:*:*:*", "matchCriteriaId": "8D62D429-7BDE-47DE-B466-0732DAC3F70E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6j:*:*:*:*:*:*:*", "matchCriteriaId": "6893355E-2F64-416D-9AED-898E6D1123F8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6k:*:*:*:*:*:*:*", "matchCriteriaId": "9B41942D-A4A9-4916-99E6-DA36EB747BF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "191A8F3B-EDFA-47AA-B7B1-95B4C05AFD7A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7a:*:*:*:*:*:*:*", "matchCriteriaId": "7A8C1715-DCA1-4C83-B817-9366172CFC1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7b:*:*:*:*:*:*:*", "matchCriteriaId": "307B69DB-CFFB-49BA-A126-134EEE735FCC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7c:*:*:*:*:*:*:*", "matchCriteriaId": "6532CB60-B8FA-418D-B077-FCC4EE24C1A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7d:*:*:*:*:*:*:*", "matchCriteriaId": "2B53567F-C65B-4E1F-BBF7-4F55C845A83A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in graph.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via a crafted rra_id parameter in a GET request in conjunction with a valid rra_id value in a POST request or a cookie, which causes the POST or cookie value to bypass the validation routine, but inserts the $_GET value into the resulting query." 
}, { "lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en graph.php en Cacti v0.8.7e y anteriores permite a atacantes remotos ejecutar comandos SQL de su elecci\u00f3n a trav\u00e9s del par\u00e1metro rra_id en una petici\u00f3n GET en conjunci\u00f3n con un valor rra_id v\u00e1lido en una petici\u00f3n POST o una cookie, que supera la rutina de validaci\u00f3n. \r\n" } ], "id": "CVE-2010-2092", "lastModified": "2024-11-21T01:15:53.150", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2010-05-27T22:30:01.467", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://php-security.org/2010/05/13/mops-2010-023-cacti-graph-viewer-sql-injection-vulnerability/index.html" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/41041" }, { "source": "cve@mitre.org", "url": "http://www.cacti.net/changelog.php" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2010/dsa-2060" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "source": "cve@mitre.org", "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://php-security.org/2010/05/13/mops-2010-023-cacti-graph-viewer-sql-injection-vulnerability/index.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/41041" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.cacti.net/changelog.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2010/dsa-2060" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:0.8.8b:*:*:*:*:*:*:*", "matchCriteriaId": "25C92A47-E876-481D-83DB-0B547F0C101E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple SQL injection vulnerabilities in graph_xport.php in Cacti 0.8.7g, 0.8.8b, and earlier allow remote attackers to execute arbitrary SQL commands via the (1) graph_start, (2) graph_end, (3) graph_height, (4) graph_width, (5) graph_nolegend, (6) print_source, (7) local_graph_id, or (8) rra_id parameter." }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en graph_xport.php en Cacti 0.8.7g, 0.8.8b y versiones anteriores permiten a atacantes remotos ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro (1) graph_start, (2) graph_end, (3) graph_height, (4) graph_width, (5) graph_nolegend, (6) print_source, (7) local_graph_id o (8) rra_id." } ], "id": "CVE-2014-2708", "lastModified": "2024-11-21T02:06:48.223", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2014-04-10T20:29:21.050", "references": [ { "source": "cve@mitre.org", "url": "http://bugs.cacti.net/view.php?id=2405" }, { "source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html" }, { "source": "cve@mitre.org", "url": 
"http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html" }, { "source": "cve@mitre.org", "url": "http://seclists.org/oss-sec/2014/q2/15" }, { "source": "cve@mitre.org", "url": "http://seclists.org/oss-sec/2014/q2/2" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/57647" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/59203" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7439" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2014/dsa-2970" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/66555" }, { "source": "cve@mitre.org", "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "source": "cve@mitre.org", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1084258" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92278" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201509-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.cacti.net/view.php?id=2405" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/oss-sec/2014/q2/15" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/oss-sec/2014/q2/2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/57647" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/59203" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7439" }, { 
"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2014/dsa-2970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/66555" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1084258" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92278" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201509-03" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 22 | |
fedoraproject | fedora | 23 | |
fedoraproject | fedora | 24 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F676405-470D-43E8-A6EF-060E6E70F0FA", "versionEndIncluding": "0.8.8c", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "matchCriteriaId": "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*", "matchCriteriaId": "C729D5D1-ED95-443A-9F53-5D7C2FD9B80C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in the get_hash_graph_template function in lib/functions.php in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via the graph_template_id parameter to graph_templates.php." }, { "lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en la funci\u00f3n get_hash_graph_template en lib/functions.php en Cacti anterior a 0.8.8d permite a atacantes remotos ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro graph_template_id en graph_templates.php." 
} ], "id": "CVE-2015-4454", "lastModified": "2024-11-21T02:31:06.113", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-06-17T18:59:09.517", "references": [ { "source": "cve@mitre.org", "url": "http://bugs.cacti.net/view.php?id=2572" }, { "source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183449.html" }, { "source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183454.html" }, { "source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183919.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.cacti.net/release_notes_0_8_8d.php" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2015/dsa-3295" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/75270" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.cacti.net/view.php?id=2572" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183449.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183454.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183919.html" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.cacti.net/release_notes_0_8_8d.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2015/dsa-3295" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/75270" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "1C7FEEA7-B141-4E6E-8B73-4DFF4844A341", "versionEndExcluding": "1.2.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A cross-site scripting (XSS) vulnerability exists in graph_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Graph Vertical Label." }, { "lang": "es", "value": "Existe una vulnerabilidad Cross-Site Scripting (XSS) en graph_templates.php en Cacti, en versiones anteriores a la 1.2.0, debido a la falta de escapado de caracteres no planeados en Graph Vertical Label." } ], "id": "CVE-2018-20725", "lastModified": "2024-11-21T04:02:02.460", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-01-16T16:29:00.620", "references": [ { "source": "cve@mitre.org", "url": 
"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "source": "cve@mitre.org", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/2214" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/2214" } ], "sourceIdentifier": 
"cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 37 | |
fedoraproject | fedora | 38 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8", "versionEndExcluding": "1.2.25", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in _cacti_\u0027s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim\u0027s browser at view-time. The script under `reports_admin.php` displays reporting information about graphs, devices, data sources etc. _CENSUS_ found that an adversary that is able to configure a malicious device name, related to a graph attached to a report, can deploy a stored XSS attack against any super user who has privileges of viewing the `reports_admin.php` page, such as administrative accounts. A user that possesses the _General Administration\u003eSites/Devices/Data_ permissions can configure the device names in _cacti_. This configuration occurs through `http://\u003cHOST\u003e/cacti/host.php`, while the rendered malicious payload is exhibited at `http://\u003cHOST\u003e/cacti/reports_admin.php` when a graph with the maliciously altered device name is linked to the report. This issue has been addressed in version 1.2.25. Users are advised to upgrade. 
Users unable to upgrade should manually filter HTML output.\n" }, { "lang": "es", "value": "Cacti es un framework de gesti\u00f3n de fallas y monitoreo operativo de c\u00f3digo abierto. Las versiones afectadas est\u00e1n sujetas a una vulnerabilidad de Cross-Site-Scripting (XSS) almacenada que permite a un usuario autenticado envenenar los datos almacenados en la base de datos de _cacti_. Estos datos ser\u00e1n vistos por cuentas administrativas de _cacti_ y ejecutar\u00e1n c\u00f3digo JavaScript en el navegador de la v\u00edctima en el momento de la visualizaci\u00f3n. El script bajo `reports_admin.php` muestra informaci\u00f3n de informes sobre gr\u00e1ficos, dispositivos, fuentes de datos, etc. _CENSUS_ descubri\u00f3 que un adversario que puede configurar un nombre de dispositivo malicioso, relacionado con un gr\u00e1fico adjunto a un informe, puede implementar un ataque XSS almacenado contra cualquier superusuario que tenga privilegios de ver la p\u00e1gina `reports_admin.php`, como cuentas administrativas. Un usuario que posee los permisos _General Administration\u003eSites/Devices/Data_ permissions puede configurar los nombres de los dispositivos en _cacti_. Esta configuraci\u00f3n ocurre a trav\u00e9s de `http://\u003cHOST\u003e/cacti/host.php`, mientras que el payload manipulado representado se exhibe en `http://\u003cHOST\u003e/cacti/reports_admin.php` cuando se muestra un gr\u00e1fico con el contenido malicioso. El nombre del dispositivo modificado est\u00e1 vinculado al informe. Este problema se solucion\u00f3 en la versi\u00f3n 1.2.25. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deben filtrar manualmente la salida HTML." 
} ], "id": "CVE-2023-39511", "lastModified": "2024-11-21T08:15:34.180", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 0.9, "impactScore": 5.2, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-09-06T18:15:08.627", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-5hpr-4hhc-8q42" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], 
"url": "https://github.com/Cacti/cacti/security/advisories/GHSA-5hpr-4hhc-8q42" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "C37D52EF-53D7-4D25-A805-BA4071CADB84", "versionEndIncluding": "1.2.25", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the `pollers.php` script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the `pollers.php`. Impact of the vulnerability - arbitrary SQL code execution. As of time of publication, a patch does not appear to exist." }, { "lang": "es", "value": "Cacti proporciona un framework de monitoreo operativo y gesti\u00f3n de fallos. En las versiones 1.2.25 y anteriores, es posible ejecutar c\u00f3digo SQL arbitrario a trav\u00e9s del script `pollers.php`. Un usuario autorizado puede ejecutar c\u00f3digo SQL arbitrario. El componente vulnerable es `pollers.php`. Impacto de la vulnerabilidad: ejecuci\u00f3n de c\u00f3digo SQL arbitrario. En el momento de la publicaci\u00f3n, no parece existir ning\u00fan parche." 
} ], "id": "CVE-2023-49085", "lastModified": "2024-11-21T08:32:47.443", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-22T17:15:07.990", "references": [ { "source": "security-advisories@github.com", "url": "http://packetstormsecurity.com/files/176995/Cacti-pollers.php-SQL-Injection-Remote-Code-Execution.html" }, { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/pollers.php#L451" }, { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-vr3c-38wh-g855" }, { "source": "security-advisories@github.com", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://packetstormsecurity.com/files/176995/Cacti-pollers.php-SQL-Injection-Remote-Code-Execution.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/pollers.php#L451" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-vr3c-38wh-g855" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.securitytracker.com/id/1039569 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://github.com/Cacti/cacti/commit/93f661d8adcfa6618b11522cdab30e97bada33fd | Patch, Third Party Advisory | |
cve@mitre.org | https://github.com/Cacti/cacti/issues/1010 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039569 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/commit/93f661d8adcfa6618b11522cdab30e97bada33fd | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/issues/1010 | Exploit, Issue Tracking, Patch, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.1.25:*:*:*:*:*:*:*", "matchCriteriaId": "D20820A0-E201-4CD6-9E4B-61426B5E2107", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "include/global_session.php in Cacti 1.1.25 has XSS related to (1) the URI or (2) the refresh page." }, { "lang": "es", "value": "include/global_session.php en Cacti 1.1.25 tiene XSS relacionado con (1) la URI o (2) la acci\u00f3n refresh page." } ], "id": "CVE-2017-15194", "lastModified": "2024-11-21T03:14:11.033", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-10-11T01:32:54.207", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1039569" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": 
"https://github.com/Cacti/cacti/commit/93f661d8adcfa6618b11522cdab30e97bada33fd" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/1010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1039569" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/93f661d8adcfa6618b11522cdab30e97bada33fd" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/1010" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | 1.2.24 | |
fedoraproject | fedora | 37 | |
fedoraproject | fedora | 38 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.2.24:*:*:*:*:*:*:*", "matchCriteriaId": "F28D6ED7-B38C-4E5F-B623-73D0FF93C720", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graph_view.php. Since guest users can access graph_view.php without authentication by default, if guest users are being utilized in an enabled state, there could be the potential for significant damage. Attackers may exploit this vulnerability, and there may be possibilities for actions such as the usurpation of administrative privileges or remote code execution. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability." }, { "lang": "es", "value": "Cacti es un framework de monitorizaci\u00f3n operativa y gesti\u00f3n de fallos de c\u00f3digo abierto. Las versiones afectadas est\u00e1n sujetas a una inyecci\u00f3n SQL descubierta en graph_view.php. Desde que los usuarios invitados pueden acceder a graph_view.php sin autenticaci\u00f3n por defecto, si los usuarios invitados est\u00e1n siendo utilizados en un estado habilitado, podr\u00edan potencialmente producir da\u00f1os importantes. Los atacantes pueden explotar esta vulnerabilidad, y puede haber posibilidades de acciones tales como la usurpaci\u00f3n de privilegios administrativos o la ejecuci\u00f3n remota de c\u00f3digo. 
Este problema se ha solucionado en la versi\u00f3n 1.2.25. Se recomienda a los usuarios que actualicen. No se conocen soluciones para esta vulnerabilidad." } ], "id": "CVE-2023-39361", "lastModified": "2024-11-21T08:15:14.423", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-09-05T21:15:46.880", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-6r43-q2fw-5wrg" }, { "source": "security-advisories@github.com", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": 
"security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "security-advisories@github.com", "url": "https://www.debian.org/security/2023/dsa-5550" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-6r43-q2fw-5wrg" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.debian.org/security/2023/dsa-5550" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "A2C69488-CAAE-4612-B3A3-C5789C2D772B", "versionEndIncluding": "0.8.8f", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in include/top_graph_header.php in Cacti 0.8.8f and earlier allows remote attackers to execute arbitrary SQL commands via the rra_id parameter in a properties action to graph.php." }, { "lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en include/top_graph_header.php en Cacti 0.8.8f y en versiones anteriores permite a atacantes remotos ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro rra_id en una acci\u00f3n de propiedades en graph.php." } ], "id": "CVE-2015-8369", "lastModified": "2024-11-21T02:38:23.263", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-12-17T19:59:11.683", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://bugs.cacti.net/view.php?id=2646" }, { "source": "cve@mitre.org", "url": "http://packetstormsecurity.com/files/134724/Cacti-0.8.8f-SQL-Injection.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://seclists.org/fulldisclosure/2015/Dec/8" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2015/dsa-3423" }, { "source": "cve@mitre.org", "url": 
"http://www.securitytracker.com/id/1034497" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201607-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://bugs.cacti.net/view.php?id=2646" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://packetstormsecurity.com/files/134724/Cacti-0.8.8f-SQL-Injection.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://seclists.org/fulldisclosure/2015/Dec/8" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2015/dsa-3423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1034497" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201607-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 37 | |
fedoraproject | fedora | 38 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8", "versionEndExcluding": "1.2.25", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) vulnerability that allows an authenticated user to poison data stored in Cacti\u0027s database. This data will be viewed by administrative Cacti accounts and will execute JavaScript code in the victim\u0027s browser at view-time. The script under `data_debug.php` displays data source related debugging information such as _data source paths, polling settings, meta-data on the data source_. _CENSUS_ found that an adversary who is able to configure a malicious data-source path can deploy a stored XSS attack against any user that has privileges related to viewing the `data_debug.php` information. A user that possesses the _General Administration\u003eSites/Devices/Data_ permissions can configure the data source path in _cacti_. This configuration occurs through `http://\u003cHOST\u003e/cacti/data_sources.php`. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output." }, { "lang": "es", "value": "Cacti es un framework de monitorizaci\u00f3n operativa y gesti\u00f3n de fallos de c\u00f3digo abierto. 
Las versiones afectadas est\u00e1n sujetas a una vulnerabilidad de Cross-Site Scripting (XSS) almacenado que permite a un usuario autenticado envenenar los datos almacenados en la base de datos de cacti. Estos datos ser\u00e1n visualizados por las cuentas administrativas de cacti y ejecutar\u00e1n c\u00f3digo JavaScript en el navegador de la v\u00edctima en tiempo de visualizaci\u00f3n. El script bajo `data_debug.php` muestra informaci\u00f3n de depuraci\u00f3n relacionada con la fuente de datos, como _rutas de la fuente de datos, configuraciones de sondeo y metadatos en la fuente de datos_. _CENSUS_ descubri\u00f3 que un adversario que es capaz de configurar una ruta de fuente de datos maliciosa puede implementar un ataque XSS almacenado contra cualquier usuario que tenga privilegios relacionados con la visualizaci\u00f3n de la informaci\u00f3n `data_debug.php`. Un usuario que posee los permisos _Administraci\u00f3n general\u003eSitios/Dispositivos/Datos_ puede configurar la ruta de la fuente de datos en _cacti_. Esta configuraci\u00f3n se produce a trav\u00e9s de `http://\u003cHOST\u003e/cacti/data_sources.php`. Esta vulnerabilidad se ha solucionado en la versi\u00f3n 1.2.25. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deben filtrar manualmente la salida HTML." 
} ], "id": "CVE-2023-39515", "lastModified": "2024-11-21T08:15:34.750", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 0.9, "impactScore": 5.2, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-09-05T21:15:47.387", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h" }, { "source": "security-advisories@github.com", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": 
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "security-advisories@github.com", "url": "https://www.debian.org/security/2023/dsa-5550" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.debian.org/security/2023/dsa-5550" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 39 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "47529989-64EF-4CBB-AF1D-28A7C1CF36B3", "versionEndExcluding": "1.2.27", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. Prior to 1.2.27, some of the data stored in `form_save()` function in `data_queries.php` is not thoroughly checked and is used to concatenate the HTML statement in `grow_right_pane_tree()` function from `lib/html.php` , finally resulting in cross-site scripting. Version 1.2.27 contains a patch for the issue." }, { "lang": "es", "value": "Cacti proporciona un framework de monitoreo operativo y gesti\u00f3n de fallas. Antes de 1.2.27, algunos de los datos almacenados en la funci\u00f3n `form_save()` en `data_queries.php` no se verifican minuciosamente y se usan para concatenar la declaraci\u00f3n HTML en la funci\u00f3n `grow_right_pane_tree()` de `lib/html.php `, lo que finalmente resulta en Cross Site Scripting. La versi\u00f3n 1.2.27 contiene un parche para el problema." 
} ], "id": "CVE-2024-31443", "lastModified": "2024-12-18T18:28:19.237", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 2.1, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-05-14T15:25:20.050", "references": [ { "source": "security-advisories@github.com", "tags": [ "Patch" ], "url": "https://github.com/Cacti/cacti/commit/f946fa537d19678f938ddbd784a10e3290d275cf" }, { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-rqc8-78cm-85j3" }, { "source": "security-advisories@github.com", "tags": [ "Product" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://github.com/Cacti/cacti/commit/f946fa537d19678f938ddbd784a10e3290d275cf" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-rqc8-78cm-85j3" }, { 
"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/Cacti/cacti/issues/3549 | Exploit, Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html | Mailing List, Third Party Advisory | |
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/issues/3549 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html | Mailing List, Third Party Advisory |
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | 1.2.12 | |
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "697145F3-CB18-45CF-9671-148B10B2F3F5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple Cross Site Scripting (XSS) vulnerabilities exist in Cacti 1.2.12 in (1) reports_admin.php, (2) data_queries.php, (3) data_input.php, (4) graph_templates.php, (5) graphs.php, (6) reports_admin.php, and (7) data_input.php." }, { "lang": "es", "value": "Se presentan m\u00faltiples vulnerabilidades de tipo Cross Site Scripting (XSS) en Cacti versi\u00f3n 1.2.12, en los archivos (1) reports_admin.php, (2) data_queries.php, (3) data_input.php, (4) graph_templates.php, (5) graphs.php, (6) reports_admin.php, y (7) data_input.php" } ], "id": "CVE-2020-23226", "lastModified": "2024-11-21T05:13:39.420", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": 
"MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-08-27T18:15:07.107", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/3549" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/3549" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "A2C69488-CAAE-4612-B3A3-C5789C2D772B", "versionEndIncluding": "0.8.8f", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in the host_new_graphs_save function in graphs_new.php in Cacti 0.8.8f and earlier allows remote authenticated users to execute arbitrary SQL commands via crafted serialized data in the selected_graphs_array parameter in a save action." }, { "lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en la funci\u00f3n host_new_graphs_save en graphs_new.php en Cacti 0.8.8f y versiones anteriores permite a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a trav\u00e9s de datos serializados manipulados en el par\u00e1metro selected_graphs_array en una acci\u00f3n de guardado." } ], "id": "CVE-2015-8377", "lastModified": "2024-11-21T02:38:24.343", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-12-15T21:59:10.687", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://seclists.org/fulldisclosure/2015/Dec/57" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2016/dsa-3494" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1034498" }, { "source": "cve@mitre.org", "url": 
"https://security.gentoo.org/glsa/201607-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://seclists.org/fulldisclosure/2015/Dec/57" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2016/dsa-3494" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1034498" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201607-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB43AB84-E172-41EE-8AAE-D4412DCF09BA", "versionEndIncluding": "0.8.7", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter." }, { "lang": "es", "value": "Una vulnerabilidad de inyecci\u00f3n SQL en el archivo graph.php en Cacti versiones anteriores a 0.8.7a, permite a atacantes remotos ejecutar comandos SQL arbitrarios por medio del par\u00e1metro local_graph_id." } ], "id": "CVE-2007-6035", "lastModified": "2024-11-21T00:39:13.410", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-11-20T11:46:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://bugs.gentoo.org/show_bug.cgi?id=199509" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/27719" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27745" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27756" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27891" }, { "source": "cve@mitre.org", "tags": [ 
"Vendor Advisory" ], "url": "http://secunia.com/advisories/27950" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200712-02.xml" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.cacti.net/release_notes_0_8_7a.php" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2007/dsa-1418" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:231" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/26487" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1018982" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/3911" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38559" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00794.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.gentoo.org/show_bug.cgi?id=199509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/27719" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27745" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27756" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27891" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200712-02.xml" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.cacti.net/release_notes_0_8_7a.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2007/dsa-1418" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:231" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/26487" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1018982" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/3911" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38559" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00794.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F676405-470D-43E8-A6EF-060E6E70F0FA", "versionEndIncluding": "0.8.8c", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in settings.php in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." }, { "lang": "es", "value": "Vulnerabilidad de XSS en settings.php en Cacti en versiones anteriores a la 0.8.8d, permite a los atacantes inyectar secuencias de comandos web arbitrarios o HTML a trav\u00e9s de vectores inespec\u00edficos." } ], "id": "CVE-2015-2967", "lastModified": "2024-11-21T02:28:24.717", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2015-07-10T15:59:00.087", "references": [ { "source": "vultures@jpcert.or.jp", "tags": [ "Vendor Advisory" ], "url": "http://jvn.jp/en/jp/JVN78187936/index.html" }, { "source": "vultures@jpcert.or.jp", "tags": [ "Vendor Advisory" ], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000094" }, { "source": "vultures@jpcert.or.jp", "tags": [ "Vendor Advisory" ], "url": "http://www.cacti.net/release_notes_0_8_8d.php" }, { "source": "vultures@jpcert.or.jp", "url": "http://www.securitytracker.com/id/1032672" }, { "source": "vultures@jpcert.or.jp", "url": "https://security.gentoo.org/glsa/201509-03" }, { 
"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://jvn.jp/en/jp/JVN78187936/index.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000094" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.cacti.net/release_notes_0_8_8d.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1032672" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201509-03" } ], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.securitytracker.com/id/1040620 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://github.com/Cacti/cacti/issues/1457 | Exploit, Patch, Third Party Advisory | |
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html | Mailing List, Third Party Advisory | |
cve@mitre.org | https://www.cacti.net/changelog.php | Release Notes | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040620 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/issues/1457 | Exploit, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.cacti.net/changelog.php | Release Notes |
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
debian | debian_linux | 9.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "C92D7852-1A41-488B-AB85-52980A371CB4", "versionEndIncluding": "1.1.36", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti before 1.1.37 has XSS because it does not properly reject unintended characters, related to use of the sanitize_uri function in lib/functions.php." }, { "lang": "es", "value": "Cacti, en versiones anteriores a la 1.1.37, tiene Cross-Site Scripting (XSS) debido a que no rechaza correctamente los caracteres no deseados. Esto se relaciona con el uso de la funci\u00f3n sanitize_uri en lib/functions.php." } ], "id": "CVE-2018-10060", "lastModified": "2024-11-21T03:40:44.673", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, 
"exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-04-12T16:29:00.290", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040620" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/1457" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" }, { "source": "cve@mitre.org", "tags": [ "Release Notes" ], "url": "https://www.cacti.net/changelog.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040620" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/1457" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://www.cacti.net/changelog.php" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "1C7FEEA7-B141-4E6E-8B73-4DFF4844A341", "versionEndExcluding": "1.2.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A cross-site scripting (XSS) vulnerability exists in color_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Name field for a Color." }, { "lang": "es", "value": "Existe una vulnerabilidad Cross-Site Scripting (XSS) en color_templates.php en Cacti, en versiones anteriores a la 1.2.0, debido a la falta de escapado de caracteres no planeados en el campo Name de un color." } ], "id": "CVE-2018-20723", "lastModified": "2024-11-21T04:02:02.127", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-01-16T16:29:00.510", "references": [ { "source": "cve@mitre.org", "url": 
"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "source": "cve@mitre.org", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/2215" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/2215" } ], "sourceIdentifier": 
"cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 37 | |
fedoraproject | fedora | 38 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8", "versionEndExcluding": "1.2.25", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, under certain conditions, an authenticated privileged user, can use a malicious string in the SNMP options of a Device, performing command injection and obtaining remote code execution on the underlying server. The `lib/snmp.php` file has a set of functions, with similar behavior, that accept in input some variables and place them into an `exec` call without a proper escape or validation. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability." }, { "lang": "es", "value": "Cacti es un framework de monitorizaci\u00f3n operacional y gesti\u00f3n de fallos de c\u00f3digo abierto. En Cacti v1.2.24, bajo ciertas condiciones, un usuario privilegiado autenticado, puede utilizar una cadena maliciosa en las opciones SNMP de un dispositivo, realizando inyecci\u00f3n de comandos y obteniendo ejecuci\u00f3n remota de c\u00f3digo en el servidor subyacente. El fichero \"lib/snmp.php\" tiene un conjunto de funciones, con un comportamiento similar, que aceptan en entrada algunas variables y las colocan en una llamada \"exec\" sin un escape o validaci\u00f3n adecuados. Este problema se ha solucionado en la versi\u00f3n 1.2.25. 
Se recomienda a los usuarios que actualicen. No se conocen soluciones para esta vulnerabilidad. " } ], "id": "CVE-2023-39362", "lastModified": "2024-11-21T08:15:14.563", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-09-05T22:15:08.817", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/175029/Cacti-1.2.24-Command-Injection.html" }, { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-g6ff-58cj-x3cp" }, { "source": "security-advisories@github.com", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "security-advisories@github.com", "url": 
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "security-advisories@github.com", "url": "https://www.debian.org/security/2023/dsa-5550" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/175029/Cacti-1.2.24-Command-Injection.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-g6ff-58cj-x3cp" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.debian.org/security/2023/dsa-5550" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.vicarius.io/vsociety/posts/command-injection-in-cacti-cve-2023-39362" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": 
"CWE-78" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-77" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://bugs.cacti.net/view.php?id=2697 | Broken Link | |
cve@mitre.org | http://www.cacti.net/release_notes_1_0_0.php | Issue Tracking, Release Notes, Vendor Advisory | |
cve@mitre.org | https://github.com/Cacti/cacti/commit/69983495cd41bf0903fe02baeef84b1fa85f2846 | Issue Tracking, Patch, Third Party Advisory | |
cve@mitre.org | https://web.archive.org/web/20160817090458/http://bugs.cacti.net/view.php?id=2697 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://bugs.cacti.net/view.php?id=2697 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.cacti.net/release_notes_1_0_0.php | Issue Tracking, Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/commit/69983495cd41bf0903fe02baeef84b1fa85f2846 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://web.archive.org/web/20160817090458/http://bugs.cacti.net/view.php?id=2697 | Issue Tracking, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "2FE55913-88BA-4A5F-91D0-B7EC37EAC334", "versionEndExcluding": "1.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "auth_login.php in Cacti before 1.0.0 allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database, because the guest user is not considered. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-2313." }, { "lang": "es", "value": "auth_login.php en versiones anteriores a la 1.0.0 de Cacti permite que usuarios autenticados remotos que emplean la autenticaci\u00f3n web omitan las restricciones de acceso planeadas iniciando sesi\u00f3n como usuario que no est\u00e1 en la base de datos de Cacti, ya que el usuario invitado no est\u00e1 considerado. NOTA: Esta vulnerabilidad existe debido a una soluci\u00f3n incompleta para CVE-2016-2313." 
} ], "id": "CVE-2016-10700", "lastModified": "2024-11-21T02:44:32.363", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-11-24T05:29:00.190", "references": [ { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://bugs.cacti.net/view.php?id=2697" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Release Notes", "Vendor Advisory" ], "url": "http://www.cacti.net/release_notes_1_0_0.php" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/69983495cd41bf0903fe02baeef84b1fa85f2846" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://web.archive.org/web/20160817090458/http://bugs.cacti.net/view.php?id=2697" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://bugs.cacti.net/view.php?id=2697" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": 
[ "Issue Tracking", "Release Notes", "Vendor Advisory" ], "url": "http://www.cacti.net/release_notes_1_0_0.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/69983495cd41bf0903fe02baeef84b1fa85f2846" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://web.archive.org/web/20160817090458/http://bugs.cacti.net/view.php?id=2697" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
cacti | cacti | 0.5 | |
cacti | cacti | 0.6 | |
cacti | cacti | 0.6.1 | |
cacti | cacti | 0.6.2 | |
cacti | cacti | 0.6.3 | |
cacti | cacti | 0.6.4 | |
cacti | cacti | 0.6.5 | |
cacti | cacti | 0.6.6 | |
cacti | cacti | 0.6.7 | |
cacti | cacti | 0.6.8 | |
cacti | cacti | 0.6.8a | |
cacti | cacti | 0.8 | |
cacti | cacti | 0.8.1 | |
cacti | cacti | 0.8.2 | |
cacti | cacti | 0.8.2a | |
cacti | cacti | 0.8.3 | |
cacti | cacti | 0.8.3a | |
cacti | cacti | 0.8.4 | |
cacti | cacti | 0.8.5 | |
cacti | cacti | 0.8.5a | |
cacti | cacti | 0.8.6 | |
cacti | cacti | 0.8.6a | |
cacti | cacti | 0.8.6b | |
cacti | cacti | 0.8.6c | |
cacti | cacti | 0.8.6d | |
cacti | cacti | 0.8.6f | |
cacti | cacti | 0.8.6g | |
cacti | cacti | 0.8.6h | |
cacti | cacti | 0.8.6i | |
cacti | cacti | 0.8.6j | |
cacti | cacti | 0.8.6k | |
cacti | cacti | 0.8.7 | |
cacti | cacti | 0.8.7a | |
cacti | cacti | 0.8.7b | |
cacti | cacti | 0.8.7c | |
cacti | cacti | 0.8.7d | |
cacti | cacti | 0.8.7e |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "12610FA3-8EB9-45F2-9E70-8B3D70E47BC7", "versionEndIncluding": "0.8.7f", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.5:-:*:*:*:*:*:*", "matchCriteriaId": "015D2C09-205B-426B-9118-13CAC82BDF97", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "CF50D0E4-94BC-433F-8986-4E2D9AF61A98", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "8BE433B1-7F0B-4D16-8FD5-A5E193EC983A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "CD541744-A938-44A8-89A5-DE1B39DA1301", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4D7A1EE2-2C80-46B2-B55A-17D200D722BB", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "594CCB0C-4DEA-4ECC-93FE-FDAD231F22CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "21352C22-E89D-482E-A704-1E1EFE0F4959", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "51B3887B-078A-459D-AFCF-4BDBDB3B1EF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "B4611FB4-7B8D-4DCA-9BFC-87585E16129B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "1740FA47-7129-47C0-9EA8-3D5FE1881AAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.8a:*:*:*:*:*:*:*", "matchCriteriaId": "330C515B-6DD0-4C41-97C8-87689CD443F5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B44E0187-3577-4770-8D76-10F64F6400B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": 
"D3E6282B-B403-45AD-B1EC-82257EEA1A43", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "0936E4B2-D89C-44B3-9082-77FA369BA280", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2a:*:*:*:*:*:*:*", "matchCriteriaId": "A1257552-9117-45EE-B77C-00879E1FC67B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "BA380DC2-2392-413E-AC7A-F8B854EA3108", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3a:*:*:*:*:*:*:*", "matchCriteriaId": "B530A944-0A71-4F88-AAE6-3844364FB098", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "62C554AE-AE7A-48B1-A1FF-E8E7691EA344", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "25541421-4A87-43BF-86D7-E1377CE3C859", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5a:*:*:*:*:*:*:*", "matchCriteriaId": "301E2B13-D410-4B26-9A47-F90343F47C18", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "546CE4D8-1E2E-4DEB-9FA1-DEA05F9AAE9E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6a:*:*:*:*:*:*:*", "matchCriteriaId": "45C420D9-45EB-40EF-BB9D-BBB5BB7DA6D7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6b:*:*:*:*:*:*:*", "matchCriteriaId": "D5FE1D7F-5A32-4C66-8B7E-7F790F1D9AAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6c:*:*:*:*:*:*:*", "matchCriteriaId": "EE910AB1-7D04-4743-9963-BBA191EE4078", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6d:*:*:*:*:*:*:*", "matchCriteriaId": "C4290992-9EF9-41D4-8AB5-6744370A25E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6f:*:*:*:*:*:*:*", "matchCriteriaId": "DB41A3C5-D03A-4B1F-B841-A9F5021A59F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6g:*:*:*:*:*:*:*", "matchCriteriaId": 
"0F794F36-3073-43C5-A6C7-BADBCF6B735E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6h:*:*:*:*:*:*:*", "matchCriteriaId": "76CB86A0-E3A9-4A43-B98B-46654EFE21A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6i:*:*:*:*:*:*:*", "matchCriteriaId": "8D62D429-7BDE-47DE-B466-0732DAC3F70E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6j:*:*:*:*:*:*:*", "matchCriteriaId": "6893355E-2F64-416D-9AED-898E6D1123F8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6k:*:*:*:*:*:*:*", "matchCriteriaId": "9B41942D-A4A9-4916-99E6-DA36EB747BF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "191A8F3B-EDFA-47AA-B7B1-95B4C05AFD7A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7a:*:*:*:*:*:*:*", "matchCriteriaId": "7A8C1715-DCA1-4C83-B817-9366172CFC1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7b:*:*:*:*:*:*:*", "matchCriteriaId": "307B69DB-CFFB-49BA-A126-134EEE735FCC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7c:*:*:*:*:*:*:*", "matchCriteriaId": "6532CB60-B8FA-418D-B077-FCC4EE24C1A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7d:*:*:*:*:*:*:*", "matchCriteriaId": "2B53567F-C65B-4E1F-BBF7-4F55C845A83A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7e:*:*:*:*:*:*:*", "matchCriteriaId": "CB3DC32A-09AF-4DC9-A78E-E951847B76A8", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allow remote attackers to inject arbitrary web script or HTML via (1) the name element in an XML template to templates_import.php; and allow remote authenticated administrators to inject arbitrary web script or HTML via vectors related to (2) cdef.php, (3) 
data_input.php, (4) data_queries.php, (5) data_sources.php, (6) data_templates.php, (7) gprint_presets.php, (8) graph.php, (9) graphs_new.php, (10) graphs.php, (11) graph_templates_inputs.php, (12) graph_templates_items.php, (13) graph_templates.php, (14) graph_view.php, (15) host.php, (16) host_templates.php, (17) lib/functions.php, (18) lib/html_form.php, (19) lib/html_form_template.php, (20) lib/html.php, (21) lib/html_tree.php, (22) lib/rrd.php, (23) rra.php, (24) tree.php, and (25) user_admin.php." }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en Cacti antes de v0.8.7g, tal como se utiliza en Red Hat High Performance Computing (HPC) Solution y otros productos, permite a atacantes remotos inyectar HTML o secuencias de comandos web a trav\u00e9s del (1) elemento name en una plantilla XML para templates_import.php. Tambi\u00e9n permite a los administradores remotos autenticados inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores relacionados con (2) cdef.php, (3) data_input.php, (4) data_queries.php, (5) data_sources.php, (6) data_templates.php, (7) gprint_presets.php, (8) graph.php, (9) graphs_new.php, (10) graphs.php, (11) graph_templates_inputs.php, (12) graph_templates_items.php, (13) graph_templates.php, (14) graph_view.php, (15) host.php, (16) host_templates.php, (17) lib/functions.php, (18) lib/html_form.php, (19) lib/html_form_template.php, (20) lib/html.php, (21) lib/html_tree.php, (22) lib/rrd.php, (23) rra.php, (24) tree.php, y (25) user_admin.php." 
} ], "id": "CVE-2010-2545", "lastModified": "2024-11-21T01:16:52.693", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2010-08-23T22:00:03.220", "references": [ { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://cacti.net/release_notes_0_8_7g.php" }, { "source": "secalert@redhat.com", "url": "http://marc.info/?l=oss-security\u0026m=127978954522586\u0026w=2" }, { "source": "secalert@redhat.com", "url": "http://marc.info/?l=oss-security\u0026m=128017203704299\u0026w=2" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/41041" }, { "source": "secalert@redhat.com", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6037" }, { "source": "secalert@redhat.com", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6038" }, { "source": "secalert@redhat.com", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6041" }, { "source": "secalert@redhat.com", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6042" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160" }, { "source": "secalert@redhat.com", "tags": [ "Exploit" ], "url": "http://www.securityfocus.com/bid/42575" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=459229" }, { 
"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61227" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://cacti.net/release_notes_0_8_7g.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=oss-security\u0026m=127978954522586\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=oss-security\u0026m=128017203704299\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/41041" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6038" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6041" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6042" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://www.securityfocus.com/bid/42575" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=459229" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61227" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", 
"weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
vultures@jpcert.or.jp | http://jvn.jp/en/jp/JVN18957556/index.html | Vendor Advisory | |
vultures@jpcert.or.jp | http://jvndb.jvn.jp/jvndb/JVNDB-2015-000064 | Vendor Advisory | |
vultures@jpcert.or.jp | http://www.cacti.net/release_notes_0_8_6f.php | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://jvn.jp/en/jp/JVN18957556/index.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://jvndb.jvn.jp/jvndb/JVNDB-2015-000064 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.cacti.net/release_notes_0_8_6f.php | Patch, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "1E6DAE0B-9100-4315-A10F-FB2AAE59FD3A", "versionEndIncluding": "0.8.6e", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in graph.php in Cacti before 0.8.6f allows remote authenticated users to execute arbitrary SQL commands via the local_graph_id parameter, a different vulnerability than CVE-2007-6035." }, { "lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en graph.php en Cacti anterior a 0.8.6f permite a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro local_graph_id, una vulnerabilidad diferente a CVE-2007-6035." } ], "id": "CVE-2015-0916", "lastModified": "2024-11-21T02:23:59.370", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-05-22T00:59:02.783", "references": [ { "source": "vultures@jpcert.or.jp", "tags": [ "Vendor Advisory" ], "url": "http://jvn.jp/en/jp/JVN18957556/index.html" }, { "source": "vultures@jpcert.or.jp", "tags": [ "Vendor Advisory" ], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000064" }, { "source": "vultures@jpcert.or.jp", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.cacti.net/release_notes_0_8_6f.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": 
"http://jvn.jp/en/jp/JVN18957556/index.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000064" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.cacti.net/release_notes_0_8_6f.php" } ], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | 1.2.13 | |
debian | debian_linux | 10.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.2.13:*:*:*:*:*:*:*", "matchCriteriaId": "77AFE7F3-A74A-43C1-AD56-A247F5AD00E2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A cross-site scripting (XSS) vulnerability exists in templates_import.php (Cacti 1.2.13) due to Improper escaping of error message during template import preview in the xml_path field" }, { "lang": "es", "value": "Se presenta una vulnerabilidad de tipo cross-site scripting (XSS) en el archivo templates_import.php (Cacti versi\u00f3n 1.2.13) debido al escape inapropiado del mensaje de error durante la vista previa de la importaci\u00f3n de la plantilla en el campo xml_path" } ], "id": "CVE-2020-25706", "lastModified": "2024-11-21T05:18:32.037", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": 
"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "secalert@redhat.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-11-12T14:15:22.970", "references": [ { "source": "secalert@redhat.com", "tags": [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25706" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/39458efcd5286d50e6b7f905fedcdc1059354e6e" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/3723" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25706" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/39458efcd5286d50e6b7f905fedcdc1059354e6e" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/3723" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing 
List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "secalert@redhat.com", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "A4F5AE29-35EB-4B0E-8304-F5520AAE998B", "versionEndIncluding": "1.2.7", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti through 1.2.7 is affected by multiple instances of lib/functions.php unsafe deserialization of user-controlled data to populate arrays. An authenticated attacker could use this to influence object data values and control actions taken by Cacti or potentially cause memory corruption in the PHP module." }, { "lang": "es", "value": "Cacti versiones hasta 1.2.7, est\u00e1 afectado por m\u00faltiples instancias de deserializaci\u00f3n no segura de la biblioteca lib/functions.php de datos controlados por parte del usuario para llenar matrices. Un atacante autenticado podr\u00eda usar esto para influir en los valores de los datos del objeto y controlar las acciones tomadas por Cacti o potencialmente causar una corrupci\u00f3n de la memoria en el m\u00f3dulo PHP." 
} ], "id": "CVE-2019-17358", "lastModified": "2024-11-21T04:32:10.073", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 5.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-12-12T14:15:16.133", "references": [ { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2019-17358" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/blob/79f29cddb5eb05cbaff486cd634285ef1fed9326/lib/functions.php#L3109" }, { 
"source": "cve@mitre.org", "tags": [ "Product", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/adf221344359f5b02b8aed43dfb6b33ae5d708c8" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/3026" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00014.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17358.html" }, { "source": "cve@mitre.org", "url": "https://seclists.org/bugtraq/2020/Jan/25" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/202003-40" }, { "source": "cve@mitre.org", "tags": [ "Not Applicable" ], "url": "https://www.darkmatter.ae/xen1thlabs/" }, { "source": "cve@mitre.org", "url": "https://www.debian.org/security/2020/dsa-4604" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2019-17358" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/blob/79f29cddb5eb05cbaff486cd634285ef1fed9326/lib/functions.php#L3109" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product", "Third 
Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/adf221344359f5b02b8aed43dfb6b33ae5d708c8" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/3026" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00014.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17358.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://seclists.org/bugtraq/2020/Jan/25" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202003-40" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Not Applicable" ], "url": "https://www.darkmatter.ae/xen1thlabs/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.debian.org/security/2020/dsa-4604" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-502" }, { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 32 | |
fedoraproject | fedora | 33 | |
fedoraproject | fedora | 34 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "F2A8BC37-F5C4-4940-BE4E-2114CAA44B5F", "versionEndIncluding": "1.2.16", "versionStartIncluding": "1.2.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Cacti 1.2.x through 1.2.16. A SQL injection vulnerability in data_debug.php allows remote authenticated attackers to execute arbitrary SQL commands via the site_id parameter. This can lead to remote code execution." 
}, { "lang": "es", "value": "Se detect\u00f3 un problema en Cacti versiones 1.2.x hasta 1.2.16. Una vulnerabilidad de inyecci\u00f3n SQL en el archivo data_debug.php permite a atacantes autenticados remotos ejecutar comandos SQL arbitrarios por medio del par\u00e1metro site_id. Esto puede conllevar a una ejecuci\u00f3n de c\u00f3digo remota" } ], "id": "CVE-2020-35701", "lastModified": "2024-11-21T05:27:52.227", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-01-11T16:15:15.600", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://asaf.me/2020/12/15/cacti-1-2-0-to-1-2-16-sql-injection/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/4022" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6DDD22Z56THHDTXAFM447UH3BVINURIF/" }, 
{ "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C7DPUWZBAMCXFKAKUAJSHL3CKTOLGAK6/" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NBKBR2MFZJ6C2I4I5PCRR6UERPY24XZN/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202101-31" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://asaf.me/2020/12/15/cacti-1-2-0-to-1-2-16-sql-injection/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/4022" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6DDD22Z56THHDTXAFM447UH3BVINURIF/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C7DPUWZBAMCXFKAKUAJSHL3CKTOLGAK6/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NBKBR2MFZJ6C2I4I5PCRR6UERPY24XZN/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202101-31" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.securitytracker.com/id/1038908 | ||
cve@mitre.org | https://github.com/Cacti/cacti/issues/838 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038908 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/issues/838 | Issue Tracking, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "EEBF429F-68C6-4FBE-ACE3-E391B0DDAB02", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in link.php in Cacti 1.1.12 allows remote anonymous users to inject arbitrary web script or HTML via the id parameter, related to the die_html_input_error function in lib/html_validate.php." }, { "lang": "es", "value": "Una vulnerabilidad de Cross-Site Scripting (XSS) en link.php en Cacti 1.1.12 permite que usuarios remotos an\u00f3nimos inyecten scripts web o HTML arbitrarios mediante el par\u00e1metro id, relacionado con la funci\u00f3n die_html_input_error en lib/html_validate.php." } ], "id": "CVE-2017-10970", "lastModified": "2024-11-21T03:06:51.347", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": 
"2017-07-06T11:29:00.180", "references": [ { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1038908" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/838" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1038908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/838" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:0.8.8b:*:*:*:*:*:*:*", "matchCriteriaId": "25C92A47-E876-481D-83DB-0B547F0C101E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in data_sources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the name_cache parameter in a ds_edit action." }, { "lang": "es", "value": "Vulnerabilidad de XSS en data_sources.php en Cacti 0.8.8b permite a usuarios remotos autenticados con acceso a la consola inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s del par\u00e1metro name_cache en una acci\u00f3n ds_edit." 
} ], "id": "CVE-2014-5025", "lastModified": "2024-11-21T02:11:18.563", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2014-10-20T17:55:06.150", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ], "url": "http://bugs.cacti.net/view.php?id=2456" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2014/dsa-3007" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2014/07/22/9" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/68759" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94814" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201509-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ], "url": "http://bugs.cacti.net/view.php?id=2456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third 
Party Advisory" ], "url": "http://www.debian.org/security/2014/dsa-3007" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2014/07/22/9" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/68759" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94814" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201509-03" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-007/?fid=7789 | Exploit, Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-007/?fid=7789 | Exploit, Mailing List, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:0.8.8b:*:*:*:*:*:*:*", "matchCriteriaId": "25C92A47-E876-481D-83DB-0B547F0C101E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in graph_templates_inputs.php in Cacti 0.8.8b allows remote attackers to execute arbitrary SQL commands via the graph_template_input_id and graph_template_id parameters." }, { "lang": "es", "value": "Una vulnerabilidad de inyecci\u00f3n SQL en el archivo graph_templates_inputs.php en Cacti versi\u00f3n 0.8.8b, permite a atacantes remotos ejecutar comandos SQL arbitrarios por medio de los par\u00e1metros graph_template_input_id y graph_template_id." } ], "id": "CVE-2017-1000031", "lastModified": "2024-11-21T03:04:00.700", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-07-17T13:18:16.937", "references": [ { "source": "cve@mitre.org", 
"tags": [ "Exploit", "Mailing List", "Third Party Advisory" ], "url": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-007/?fid=7789" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Mailing List", "Third Party Advisory" ], "url": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-007/?fid=7789" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
cacti | cacti | 0.8.5 | |
cacti | cacti | 0.8.5a | |
cacti | cacti | 0.8.6 | |
cacti | cacti | 0.8.6a | |
cacti | cacti | 0.8.6b | |
cacti | cacti | 0.8.6c | |
cacti | cacti | 0.8.6d | |
cacti | cacti | 0.8.6e | |
cacti | cacti | 0.8.6f | |
cacti | cacti | 0.8.6g | |
cacti | cacti | 0.8.6h | |
cacti | cacti | 0.8.6i | |
cacti | cacti | 0.8.6j | |
cacti | cacti | 0.8.6k | |
cacti | cacti | 0.8.7 | |
cacti | cacti | 0.8.7a | |
cacti | cacti | 0.8.7b | |
cacti | cacti | 0.8.7d | |
cacti | cacti | 0.8.7e | |
cacti | cacti | 0.8.7g | |
cacti | cacti | 0.8.7i | |
cacti | cacti | 0.8.8 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "6D1FF245-C99B-41A1-90EB-C5A4025A7AED", "versionEndIncluding": "0.8.8a", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "25541421-4A87-43BF-86D7-E1377CE3C859", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5a:*:*:*:*:*:*:*", "matchCriteriaId": "301E2B13-D410-4B26-9A47-F90343F47C18", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "546CE4D8-1E2E-4DEB-9FA1-DEA05F9AAE9E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6a:*:*:*:*:*:*:*", "matchCriteriaId": "45C420D9-45EB-40EF-BB9D-BBB5BB7DA6D7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6b:*:*:*:*:*:*:*", "matchCriteriaId": "D5FE1D7F-5A32-4C66-8B7E-7F790F1D9AAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6c:*:*:*:*:*:*:*", "matchCriteriaId": "EE910AB1-7D04-4743-9963-BBA191EE4078", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6d:*:*:*:*:*:*:*", "matchCriteriaId": "C4290992-9EF9-41D4-8AB5-6744370A25E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6e:*:*:*:*:*:*:*", "matchCriteriaId": "E239B64D-6B94-4E77-8245-5293247F09D4", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6f:*:*:*:*:*:*:*", "matchCriteriaId": "DB41A3C5-D03A-4B1F-B841-A9F5021A59F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6g:*:*:*:*:*:*:*", "matchCriteriaId": "0F794F36-3073-43C5-A6C7-BADBCF6B735E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6h:*:*:*:*:*:*:*", "matchCriteriaId": "76CB86A0-E3A9-4A43-B98B-46654EFE21A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6i:*:*:*:*:*:*:*", "matchCriteriaId": "8D62D429-7BDE-47DE-B466-0732DAC3F70E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6j:*:*:*:*:*:*:*", "matchCriteriaId": 
"6893355E-2F64-416D-9AED-898E6D1123F8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6k:*:*:*:*:*:*:*", "matchCriteriaId": "9B41942D-A4A9-4916-99E6-DA36EB747BF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "191A8F3B-EDFA-47AA-B7B1-95B4C05AFD7A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7a:*:*:*:*:*:*:*", "matchCriteriaId": "7A8C1715-DCA1-4C83-B817-9366172CFC1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7b:*:*:*:*:*:*:*", "matchCriteriaId": "307B69DB-CFFB-49BA-A126-134EEE735FCC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7d:*:*:*:*:*:*:*", "matchCriteriaId": "2B53567F-C65B-4E1F-BBF7-4F55C845A83A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7e:*:*:*:*:*:*:*", "matchCriteriaId": "CB3DC32A-09AF-4DC9-A78E-E951847B76A8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7g:*:*:*:*:*:*:*", "matchCriteriaId": "F9C0E835-9CB2-4700-8216-EC2F1BCB4CB6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7i:*:*:*:*:*:*:*", "matchCriteriaId": "6FC44FEA-FB88-4620-B200-E188C7A2BFAA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "5DABFA50-3C45-4841-945B-FBC40B9C94B7", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple SQL injection vulnerabilities in (1) api_poller.php and (2) utility.php in Cacti before 0.8.8b allow remote attackers to execute arbitrary SQL commands via unspecified vectors." }, { "lang": "es", "value": "Multiples vulnerabilidades de inyecci\u00f3n SQL en (1) api_poller.php y (2) utility.php en Cacti anterior a v0.8.8b permiten a atacantes remotos ejecutar comandos SQL a trav\u00e9s de vectores no especificados." 
} ], "id": "CVE-2013-1434", "lastModified": "2024-11-21T01:49:34.467", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2013-08-23T16:55:06.980", "references": [ { "source": "security@debian.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=50593" }, { "source": "security@debian.org", "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00053.html" }, { "source": "security@debian.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/54181" }, { "source": "security@debian.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/54386" }, { "source": "security@debian.org", "tags": [ "Patch" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7394" }, { "source": "security@debian.org", "url": "http://www.debian.org/security/2012/dsa-2739" }, { "source": "security@debian.org", "url": "http://www.openwall.com/lists/oss-security/2013/08/07/15" }, { "source": "security@debian.org", "url": "http://www.securityfocus.com/bid/61657" }, { "source": "security@debian.org", "url": "http://www.securitytracker.com/id/1028893" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=50593" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00053.html" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/54181" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/54386" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7394" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2012/dsa-2739" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2013/08/07/15" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/61657" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1028893" } ], "sourceIdentifier": "security@debian.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | 1.2.12 | |
fedoraproject | fedora | 31 | |
fedoraproject | fedora | 32 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "697145F3-CB18-45CF-9671-148B10B2F3F5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead to remote command execution because the product accepts stacked queries." }, { "lang": "es", "value": "Un problema de inyecci\u00f3n SQL en el archivo color.php en Cacti versi\u00f3n 1.2.12, permite a un administrador inyectar SQL por medio del par\u00e1metro filter. 
Esto puede conllevar a una ejecuci\u00f3n de comandos remota porque el producto acepta consultas en pila" } ], "id": "CVE-2020-14295", "lastModified": "2024-11-21T05:02:56.827", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-06-17T14:15:10.617", "references": [ { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/162384/Cacti-1.2.12-SQL-Injection-Remote-Code-Execution.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/162918/Cacti-1.2.12-SQL-Injection-Remote-Command-Execution.html" }, { "source": 
"cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/3622" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W64CIB6L4HZRVQSWKPDDKXJO4J2XTOXD/" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKM5G3YNSZDHDZMPCMAHG5B5M2V4XYSE/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202007-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/162384/Cacti-1.2.12-SQL-Injection-Remote-Code-Execution.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/162918/Cacti-1.2.12-SQL-Injection-Remote-Command-Execution.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/3622" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W64CIB6L4HZRVQSWKPDDKXJO4J2XTOXD/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKM5G3YNSZDHDZMPCMAHG5B5M2V4XYSE/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", 
"tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202007-03" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAAF93EB-D502-4210-AD60-A01FE14F077E", "versionEndIncluding": "0.8.8b", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6e:*:*:*:*:*:*:*", "matchCriteriaId": "E239B64D-6B94-4E77-8245-5293247F09D4", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "191A8F3B-EDFA-47AA-B7B1-95B4C05AFD7A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7a:*:*:*:*:*:*:*", "matchCriteriaId": "7A8C1715-DCA1-4C83-B817-9366172CFC1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7b:*:*:*:*:*:*:*", "matchCriteriaId": "307B69DB-CFFB-49BA-A126-134EEE735FCC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7c:*:*:*:*:*:*:*", "matchCriteriaId": "6532CB60-B8FA-418D-B077-FCC4EE24C1A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7d:*:*:*:*:*:*:*", "matchCriteriaId": "2B53567F-C65B-4E1F-BBF7-4F55C845A83A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7e:*:*:*:*:*:*:*", "matchCriteriaId": "CB3DC32A-09AF-4DC9-A78E-E951847B76A8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7f:*:*:*:*:*:*:*", "matchCriteriaId": "6537BC21-D7C5-4EEB-BE7A-D1C9A27E290D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7g:*:*:*:*:*:*:*", "matchCriteriaId": "F9C0E835-9CB2-4700-8216-EC2F1BCB4CB6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7i:*:*:*:*:*:*:*", "matchCriteriaId": "6FC44FEA-FB88-4620-B200-E188C7A2BFAA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "5DABFA50-3C45-4841-945B-FBC40B9C94B7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.8a:*:*:*:*:*:*:*", "matchCriteriaId": "ACD91588-5963-4CDE-8C51-B2B4C75C1628", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": 
"en", "value": "SQL injection vulnerability in the graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors." }, { "lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en la secuencia de comandos de configuraciones gr\u00e1ficas (graph_settings.php) en Cacti 0.8.8b y anteriores permite a atacantes remotos ejecutar comandos SQL arbitrarios a trav\u00e9s de vectores no especificados." } ], "id": "CVE-2014-5262", "lastModified": "2024-11-21T02:11:43.433", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2014-08-22T14:55:09.173", "references": [ { "source": "cve@mitre.org", "url": "http://seclists.org/oss-sec/2014/q3/351" }, { "source": "cve@mitre.org", "url": "http://seclists.org/oss-sec/2014/q3/386" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7454" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2014/dsa-3007" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/69213" }, { "source": "cve@mitre.org", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1127165" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95292" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201607-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://seclists.org/oss-sec/2014/q3/351" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/oss-sec/2014/q3/386" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7454" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2014/dsa-3007" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/69213" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1127165" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95292" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201607-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 39 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "47529989-64EF-4CBB-AF1D-28A7C1CF36B3", "versionEndExcluding": "1.2.27", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the \"Package Import\" feature, allows authenticated users having the \"Import Templates\" permission to execute arbitrary PHP code on the web server. The vulnerability is located within the `import_package()` function defined into the `/lib/import.php` script. The function blindly trusts the filename and file content provided within the XML data, and writes such files into the Cacti base path (or even outside, since path traversal sequences are not filtered). This can be exploited to write or overwrite arbitrary files on the web server, leading to execution of arbitrary PHP code or other security impacts. Version 1.2.27 contains a patch for this issue." }, { "lang": "es", "value": "Cacti proporciona un framework de monitoreo operativo y gesti\u00f3n de fallas. Antes de la versi\u00f3n 1.2.27, una vulnerabilidad de escritura de archivos arbitrarios, explotable a trav\u00e9s de la funci\u00f3n \"Importar paquetes\", permit\u00eda a los usuarios autenticados que ten\u00edan el permiso \"Importar plantillas\" ejecutar c\u00f3digo PHP arbitrario en el servidor web. La vulnerabilidad se encuentra dentro de la funci\u00f3n `import_package()` definida en el script `/lib/import.php`. 
La funci\u00f3n conf\u00eda ciegamente en el nombre del archivo y el contenido del archivo proporcionado dentro de los datos XML, y escribe dichos archivos en la ruta base de Cacti (o incluso fuera, ya que las secuencias de Path Traversal no se filtran). Esto puede aprovecharse para escribir o sobrescribir archivos arbitrarios en el servidor web, lo que lleva a la ejecuci\u00f3n de c\u00f3digo PHP arbitrario u otros impactos en la seguridad. La versi\u00f3n 1.2.27 contiene un parche para este problema." } ], "id": "CVE-2024-25641", "lastModified": "2024-12-18T20:54:30.227", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-05-14T15:05:50.423", "references": [ { "source": "security-advisories@github.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://seclists.org/fulldisclosure/2024/May/6" }, { "source": "security-advisories@github.com", "tags": [ "Patch" ], "url": "https://github.com/Cacti/cacti/commit/eff35b0ff26cc27c82d7880469ed6d5e3bef6210" }, { "source": "security-advisories@github.com", "tags": [ "Exploit", 
"Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-7cmj-g5qc-pj88" }, { "source": "security-advisories@github.com", "tags": [ "Product" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://seclists.org/fulldisclosure/2024/May/6" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://github.com/Cacti/cacti/commit/eff35b0ff26cc27c82d7880469ed6d5e3bef6210" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-7cmj-g5qc-pj88" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
debian | debian_linux | 9.0 | |
fedoraproject | fedora | 31 | |
fedoraproject | fedora | 32 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "71E927CB-B43A-486F-980C-24BB8CF50FBD", "versionEndExcluding": "1.2.11", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs)." }, { "lang": "es", "value": "En Cacti versiones anteriores a 1.2.11, deshabilitar una cuenta de usuario no invalida inmediatamente los permisos concedidos a dicha cuenta (por ejemplo, el permiso para visualizar los registros)." 
} ], "id": "CVE-2020-13230", "lastModified": "2024-11-21T05:00:50.987", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-05-20T14:15:11.407", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/3343" }, { "source": "cve@mitre.org", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/releases/tag/release%2F1.2.11" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICJMWSY77IIGZYR6FE6NAQZFBO42VECO/" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3PCDGNELH7HEBIXRNT5J5EWQEXQAU6B/" }, { 
"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/3343" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/releases/tag/release%2F1.2.11" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICJMWSY77IIGZYR6FE6NAQZFBO42VECO/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3PCDGNELH7HEBIXRNT5J5EWQEXQAU6B/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-281" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:H
▼ | URL | Tags | |
---|---|---|---|
security-advisories@github.com | https://github.com/Cacti/cacti/security/advisories/GHSA-49f2-hwx9-qffr | Exploit, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.2.27:*:*:*:*:*:*:*", "matchCriteriaId": "F312BCA2-6659-415A-ACA7-02F61E531906", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source performance and fault management framework. The `consolenewsection` parameter is not properly sanitized when saving external links in links.php. Moreover, the said consolenewsection parameter is stored in the database and reflected back to user in `index.php`, finally leading to stored XSS. Users with the privilege to create external links can manipulate the \u201cconsolenewsection\u201d parameter in the http post request while creating external links to perform stored XSS attacks. The vulnerability known as XSS (Cross-Site Scripting) occurs when an application allows untrusted user input to be displayed on a web page without proper validation or escaping. This issue has been addressed in release version 1.2.28. All users are advised to upgrade. There are no known workarounds for this vulnerability." }, { "lang": "es", "value": "Cacti es un framework de trabajo de gesti\u00f3n de errores y rendimiento de c\u00f3digo abierto. El par\u00e1metro `consolenewsection` no se desinfecta correctamente al guardar enlaces externos en links.php. Adem\u00e1s, dicho par\u00e1metro consolenewsection se almacena en la base de datos y se refleja de nuevo al usuario en `index.php`, lo que finalmente genera XSS almacenado. Los usuarios con el privilegio de crear enlaces externos pueden manipular el par\u00e1metro \u201cconsolenewsection\u201d en la solicitud de publicaci\u00f3n http mientras crean enlaces externos para realizar ataques XSS almacenados. La vulnerabilidad conocida como XSS (Cross-Site Scripting) ocurre cuando una aplicaci\u00f3n permite que se muestre una entrada de usuario no confiable en una p\u00e1gina web sin la validaci\u00f3n o el escape adecuados. 
Este problema se ha solucionado en la versi\u00f3n de lanzamiento 1.2.28. Se recomienda a todos los usuarios que actualicen. No existen workarounds conocidas para esta vulnerabilidad." } ], "id": "CVE-2024-43365", "lastModified": "2024-10-16T19:15:56.007", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 2.1, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:H", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 5.3, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-10-07T21:15:16.247", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-49f2-hwx9-qffr" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "A0267BFF-D5A6-4457-8F00-EA7CB6EE96C8", "versionEndIncluding": "1.2.6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Cacti through 1.2.6, authenticated users may bypass authorization checks (for viewing a graph) via a direct graph_json.php request with a modified local_graph_id parameter." }, { "lang": "es", "value": "En Cacti versiones hasta 1.2.6, los usuarios autenticados pueden omitir las comprobaciones de autorizaci\u00f3n (para visualizar un gr\u00e1fico) por medio de una petici\u00f3n directa del archivo graph_json.php con un par\u00e1metro local_graph_id modificado." } ], "id": "CVE-2019-16723", "lastModified": "2024-11-21T04:31:03.827", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-09-23T15:15:10.903", "references": [ { "source": 
"cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/2964" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZO3ROHHPKLH2JRW7ES5FYSQTWIPNVLQB/" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZSCUUCKSYVZLN3PQE7NU76AFWUGT3E2D/" }, { "source": "cve@mitre.org", "url": "https://seclists.org/bugtraq/2020/Jan/25" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/202003-40" }, { "source": "cve@mitre.org", "url": "https://www.debian.org/security/2020/dsa-4604" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/2964" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZO3ROHHPKLH2JRW7ES5FYSQTWIPNVLQB/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZSCUUCKSYVZLN3PQE7NU76AFWUGT3E2D/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://seclists.org/bugtraq/2020/Jan/25" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202003-40" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.debian.org/security/2020/dsa-4604" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-639" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 22 | |
fedoraproject | fedora | 23 | |
fedoraproject | fedora | 24 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F676405-470D-43E8-A6EF-060E6E70F0FA", "versionEndIncluding": "0.8.8c", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "matchCriteriaId": "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*", "matchCriteriaId": "C729D5D1-ED95-443A-9F53-5D7C2FD9B80C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." }, { "lang": "es", "value": "Vulnerabilidad de XSS en Cacti anterior a 0.8.8d permite a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a trav\u00e9s de vectores no especificados." 
} ], "id": "CVE-2015-2665", "lastModified": "2024-11-21T02:27:48.573", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-06-17T18:59:01.410", "references": [ { "source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183449.html" }, { "source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183454.html" }, { "source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183919.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.cacti.net/release_notes_0_8_8d.php" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2015/dsa-3295" }, { "source": "cve@mitre.org", "url": "http://www.fortiguard.com/advisory/FG-VD-15-017/" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/75309" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1032672" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183449.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183454.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183919.html" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.cacti.net/release_notes_0_8_8d.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2015/dsa-3295" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.fortiguard.com/advisory/FG-VD-15-017/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/75309" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1032672" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8", "versionEndExcluding": "1.2.25", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a privilege escalation vulnerability. A low-privileged OS user with access to a Windows host where Cacti is installed can create arbitrary PHP files in a web document directory. The user can then execute the PHP files under the security context of SYSTEM. This allows an attacker to escalate privilege from a normal user account to SYSTEM. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n" }, { "lang": "es", "value": "Cacti es un framework de monitorizaci\u00f3n operativa y gesti\u00f3n de fallos de c\u00f3digo abierto. Las versiones afectadas est\u00e1n sujetas a una vulnerabilidad de escalada de privilegios. Un usuario del sistema operativo con pocos privilegios y acceso a un host Windows en el que est\u00e9 instalado Cacti puede crear archivos PHP arbitrarios en un directorio de documentos web. El usuario puede entonces ejecutar los archivos PHP bajo el contexto de seguridad de SYSTEM. Esto permite a un atacante escalar privilegios desde una cuenta de usuario normal a SYSTEM. Este problema se ha solucionado en la versi\u00f3n 1.2.25. Se recomienda a los usuarios actualizar. No se conocen soluciones para esta vulnerabilidad. 
" } ], "id": "CVE-2023-31132", "lastModified": "2024-11-21T08:01:27.477", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-09-05T22:15:08.487", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-rf5w-pq3f-9876" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": 
"https://github.com/Cacti/cacti/security/advisories/GHSA-rf5w-pq3f-9876" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-306" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "1C7FEEA7-B141-4E6E-8B73-4DFF4844A341", "versionEndExcluding": "1.2.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A cross-site scripting (XSS) vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors." }, { "lang": "es", "value": "Existe una vulnerabilidad Cross-Site Scripting (XSS) en pollers.php en Cacti, en versiones anteriores a la 1.2.0, debido a la falta de escapado de caracteres no planeados en el campo nombre de host del sitio web para los recolectores de datos." } ], "id": "CVE-2018-20724", "lastModified": "2024-11-21T04:02:02.300", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-01-16T16:29:00.557", "references": [ { "source": "cve@mitre.org", 
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "source": "cve@mitre.org", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/1f42478506d83d188f68ce5ff41728a7bd159f53" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/2212" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/1f42478506d83d188f68ce5ff41728a7bd159f53" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/2212" } ], 
"sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
cacti | cacti | 0.5 | |
cacti | cacti | 0.6 | |
cacti | cacti | 0.6.1 | |
cacti | cacti | 0.6.2 | |
cacti | cacti | 0.6.3 | |
cacti | cacti | 0.6.4 | |
cacti | cacti | 0.6.5 | |
cacti | cacti | 0.6.6 | |
cacti | cacti | 0.6.7 | |
cacti | cacti | 0.6.8 | |
cacti | cacti | 0.6.8a | |
cacti | cacti | 0.8 | |
cacti | cacti | 0.8.1 | |
cacti | cacti | 0.8.2 | |
cacti | cacti | 0.8.2a | |
cacti | cacti | 0.8.3 | |
cacti | cacti | 0.8.3a | |
cacti | cacti | 0.8.4 | |
cacti | cacti | 0.8.5 | |
cacti | cacti | 0.8.5a | |
cacti | cacti | 0.8.6 | |
cacti | cacti | 0.8.6a | |
cacti | cacti | 0.8.6b | |
cacti | cacti | 0.8.6c | |
cacti | cacti | 0.8.6d | |
cacti | cacti | 0.8.6f | |
cacti | cacti | 0.8.6g | |
cacti | cacti | 0.8.6h | |
cacti | cacti | 0.8.6i | |
cacti | cacti | 0.8.6j | |
cacti | cacti | 0.8.6k | |
cacti | cacti | 0.8.7 | |
cacti | cacti | 0.8.7a | |
cacti | cacti | 0.8.7b | |
cacti | cacti | 0.8.7c | |
cacti | cacti | 0.8.7d | |
cacti | cacti | 0.8.7e |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "12610FA3-8EB9-45F2-9E70-8B3D70E47BC7", "versionEndIncluding": "0.8.7f", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.5:-:*:*:*:*:*:*", "matchCriteriaId": "015D2C09-205B-426B-9118-13CAC82BDF97", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "CF50D0E4-94BC-433F-8986-4E2D9AF61A98", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "8BE433B1-7F0B-4D16-8FD5-A5E193EC983A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "CD541744-A938-44A8-89A5-DE1B39DA1301", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4D7A1EE2-2C80-46B2-B55A-17D200D722BB", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "594CCB0C-4DEA-4ECC-93FE-FDAD231F22CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "21352C22-E89D-482E-A704-1E1EFE0F4959", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "51B3887B-078A-459D-AFCF-4BDBDB3B1EF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "B4611FB4-7B8D-4DCA-9BFC-87585E16129B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "1740FA47-7129-47C0-9EA8-3D5FE1881AAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.8a:*:*:*:*:*:*:*", "matchCriteriaId": "330C515B-6DD0-4C41-97C8-87689CD443F5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B44E0187-3577-4770-8D76-10F64F6400B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": 
"D3E6282B-B403-45AD-B1EC-82257EEA1A43", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "0936E4B2-D89C-44B3-9082-77FA369BA280", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2a:*:*:*:*:*:*:*", "matchCriteriaId": "A1257552-9117-45EE-B77C-00879E1FC67B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "BA380DC2-2392-413E-AC7A-F8B854EA3108", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3a:*:*:*:*:*:*:*", "matchCriteriaId": "B530A944-0A71-4F88-AAE6-3844364FB098", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "62C554AE-AE7A-48B1-A1FF-E8E7691EA344", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "25541421-4A87-43BF-86D7-E1377CE3C859", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5a:*:*:*:*:*:*:*", "matchCriteriaId": "301E2B13-D410-4B26-9A47-F90343F47C18", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "546CE4D8-1E2E-4DEB-9FA1-DEA05F9AAE9E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6a:*:*:*:*:*:*:*", "matchCriteriaId": "45C420D9-45EB-40EF-BB9D-BBB5BB7DA6D7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6b:*:*:*:*:*:*:*", "matchCriteriaId": "D5FE1D7F-5A32-4C66-8B7E-7F790F1D9AAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6c:*:*:*:*:*:*:*", "matchCriteriaId": "EE910AB1-7D04-4743-9963-BBA191EE4078", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6d:*:*:*:*:*:*:*", "matchCriteriaId": "C4290992-9EF9-41D4-8AB5-6744370A25E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6f:*:*:*:*:*:*:*", "matchCriteriaId": "DB41A3C5-D03A-4B1F-B841-A9F5021A59F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6g:*:*:*:*:*:*:*", "matchCriteriaId": 
"0F794F36-3073-43C5-A6C7-BADBCF6B735E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6h:*:*:*:*:*:*:*", "matchCriteriaId": "76CB86A0-E3A9-4A43-B98B-46654EFE21A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6i:*:*:*:*:*:*:*", "matchCriteriaId": "8D62D429-7BDE-47DE-B466-0732DAC3F70E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6j:*:*:*:*:*:*:*", "matchCriteriaId": "6893355E-2F64-416D-9AED-898E6D1123F8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6k:*:*:*:*:*:*:*", "matchCriteriaId": "9B41942D-A4A9-4916-99E6-DA36EB747BF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "191A8F3B-EDFA-47AA-B7B1-95B4C05AFD7A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7a:*:*:*:*:*:*:*", "matchCriteriaId": "7A8C1715-DCA1-4C83-B817-9366172CFC1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7b:*:*:*:*:*:*:*", "matchCriteriaId": "307B69DB-CFFB-49BA-A126-134EEE735FCC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7c:*:*:*:*:*:*:*", "matchCriteriaId": "6532CB60-B8FA-418D-B077-FCC4EE24C1A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7d:*:*:*:*:*:*:*", "matchCriteriaId": "2B53567F-C65B-4E1F-BBF7-4F55C845A83A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7e:*:*:*:*:*:*:*", "matchCriteriaId": "CB3DC32A-09AF-4DC9-A78E-E951847B76A8", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in include/top_graph_header.php in Cacti before 0.8.7g allows remote attackers to inject arbitrary web script or HTML via the graph_start parameter to graph.php. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-4032.2.b." 
}, { "lang": "es", "value": "Una vulnerabilidad de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en include/top_graph_header.php en Cacti antes de v0.8.7g permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s del par\u00e1metro graph_start a graph.php. NOTA: esta vulnerabilidad existe debido a una soluci\u00f3n incorrecta de la vulnerabilidad CVE-2009-4032.2.b." } ], "id": "CVE-2010-2543", "lastModified": "2024-11-21T01:16:52.430", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2010-08-23T22:00:03.080", "references": [ { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://cacti.net/release_notes_0_8_7g.php" }, { "source": "secalert@redhat.com", "url": "http://marc.info/?l=oss-security\u0026m=127978954522586\u0026w=2" }, { "source": "secalert@redhat.com", "url": "http://marc.info/?l=oss-security\u0026m=128017203704299\u0026w=2" }, { "source": "secalert@redhat.com", "url": "http://svn.cacti.net/viewvc/cacti/branches/0.8.7/include/top_graph_header.php?r1=6025\u0026r2=6024" }, { "source": "secalert@redhat.com", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6025" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=541279" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": 
"http://cacti.net/release_notes_0_8_7g.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=oss-security\u0026m=127978954522586\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=oss-security\u0026m=128017203704299\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://svn.cacti.net/viewvc/cacti/branches/0.8.7/include/top_graph_header.php?r1=6025\u0026r2=6024" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6025" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=541279" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
▼ | URL | Tags | |
---|---|---|---|
security-advisories@github.com | https://github.com/Cacti/cacti/security/advisories/GHSA-gxq4-mv8h-6qj4 | Exploit, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "EFE0430A-4E9B-452F-A7EC-029F210FDDFE", "versionEndExcluding": "1.2.28", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source performance and fault management framework. An admin user can create a device with a malicious hostname containing php code and repeat the installation process (completing only step 5 of the installation process is enough, no need to complete the steps before or after it) to use a php file as the cacti log file. After having the malicious hostname end up in the logs (log poisoning), one can simply go to the log file url to execute commands to achieve RCE. This issue has been addressed in version 1.2.28 and all users are advised to upgrade. There are no known workarounds for this vulnerability." }, { "lang": "es", "value": "Cacti es un framework de trabajo de gesti\u00f3n de rendimiento y fallos de c\u00f3digo abierto. Un usuario administrador puede crear un dispositivo con un nombre de host malicioso que contenga c\u00f3digo php y repetir el proceso de instalaci\u00f3n (completar solo el paso 5 del proceso de instalaci\u00f3n es suficiente, no es necesario completar los pasos anteriores o posteriores) para usar un archivo php como archivo de registro de Cacti. Despu\u00e9s de que el nombre de host malicioso termine en los registros (envenenamiento de registros), uno puede simplemente ir a la URL del archivo de registro para ejecutar comandos para lograr RCE. Este problema se ha solucionado en la versi\u00f3n 1.2.28 y se recomienda a todos los usuarios que actualicen. No existen workarounds conocidas para esta vulnerabilidad." 
} ], "id": "CVE-2024-43363", "lastModified": "2024-10-17T17:58:55.540", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-10-07T21:15:15.743", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-gxq4-mv8h-6qj4" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.securitytracker.com/id/1039226 | ||
cve@mitre.org | https://github.com/Cacti/cacti/blob/develop/docs/CHANGELOG | Issue Tracking, Patch, Third Party Advisory | |
cve@mitre.org | https://github.com/Cacti/cacti/commit/9c610a7a4e29595dcaf7d7082134e4b89619ea24 | Issue Tracking, Patch, Third Party Advisory | |
cve@mitre.org | https://github.com/Cacti/cacti/issues/918 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039226 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/blob/develop/docs/CHANGELOG | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/commit/9c610a7a4e29595dcaf7d7082134e4b89619ea24 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/issues/918 | Issue Tracking, Patch, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "78EC139C-9B12-4B07-843D-DB9498845AE8", "versionEndIncluding": "1.1.17", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "lib/html.php in Cacti before 1.1.18 has XSS via the title field of an external link added by an authenticated user." }, { "lang": "es", "value": "lib/html.php en Cacti en versiones anteriores a la 1.1.18 tiene una vulnerabilidad de tipo Cross-Site Scripting (XSS) que se puede producir mediante el campo de t\u00edtulo de un enlace externo a\u00f1adido por un usuario autenticado." } ], "id": "CVE-2017-12978", "lastModified": "2024-11-21T03:10:34.300", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-08-21T07:29:00.233", "references": [ { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1039226" }, { "source": 
"cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/blob/develop/docs/CHANGELOG" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/9c610a7a4e29595dcaf7d7082134e4b89619ea24" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/918" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1039226" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/blob/develop/docs/CHANGELOG" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/9c610a7a4e29595dcaf7d7082134e4b89619ea24" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/918" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
cacti | cacti | 0.8 | |
cacti | cacti | 0.8.1 | |
cacti | cacti | 0.8.2 | |
cacti | cacti | 0.8.2a | |
cacti | cacti | 0.8.3 | |
cacti | cacti | 0.8.3a | |
cacti | cacti | 0.8.4 | |
cacti | cacti | 0.8.5 | |
cacti | cacti | 0.8.5a | |
cacti | cacti | 0.8.6 | |
cacti | cacti | 0.8.6a | |
cacti | cacti | 0.8.6b | |
cacti | cacti | 0.8.6c | |
cacti | cacti | 0.8.6d | |
cacti | cacti | 0.8.6e | |
cacti | cacti | 0.8.6f | |
cacti | cacti | 0.8.6g | |
cacti | cacti | 0.8.6h | |
cacti | cacti | 0.8.6i | |
cacti | cacti | 0.8.6j | |
cacti | cacti | 0.8.6k | |
cacti | cacti | 0.8.7 | |
cacti | cacti | 0.8.7a | |
cacti | cacti | 0.8.7b | |
cacti | cacti | 0.8.7c | |
cacti | cacti | 0.8.7d | |
cacti | cacti | 0.8.7e | |
cacti | cacti | 0.8.7f | |
cacti | cacti | 0.8.7g | |
cacti | cacti | 0.8.7h | |
cacti | cacti | 0.8.7i | |
cacti | cacti | 0.8.8 | |
cacti | cacti | 0.8.8a | |
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAAF93EB-D502-4210-AD60-A01FE14F077E", "versionEndIncluding": "0.8.8b", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B44E0187-3577-4770-8D76-10F64F6400B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3E6282B-B403-45AD-B1EC-82257EEA1A43", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "0936E4B2-D89C-44B3-9082-77FA369BA280", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2a:*:*:*:*:*:*:*", "matchCriteriaId": "A1257552-9117-45EE-B77C-00879E1FC67B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "BA380DC2-2392-413E-AC7A-F8B854EA3108", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3a:*:*:*:*:*:*:*", "matchCriteriaId": "B530A944-0A71-4F88-AAE6-3844364FB098", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "62C554AE-AE7A-48B1-A1FF-E8E7691EA344", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "25541421-4A87-43BF-86D7-E1377CE3C859", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5a:*:*:*:*:*:*:*", "matchCriteriaId": "301E2B13-D410-4B26-9A47-F90343F47C18", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "546CE4D8-1E2E-4DEB-9FA1-DEA05F9AAE9E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6a:*:*:*:*:*:*:*", "matchCriteriaId": "45C420D9-45EB-40EF-BB9D-BBB5BB7DA6D7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6b:*:*:*:*:*:*:*", "matchCriteriaId": "D5FE1D7F-5A32-4C66-8B7E-7F790F1D9AAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6c:*:*:*:*:*:*:*", "matchCriteriaId": 
"EE910AB1-7D04-4743-9963-BBA191EE4078", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6d:*:*:*:*:*:*:*", "matchCriteriaId": "C4290992-9EF9-41D4-8AB5-6744370A25E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6e:*:*:*:*:*:*:*", "matchCriteriaId": "E239B64D-6B94-4E77-8245-5293247F09D4", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6f:*:*:*:*:*:*:*", "matchCriteriaId": "DB41A3C5-D03A-4B1F-B841-A9F5021A59F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6g:*:*:*:*:*:*:*", "matchCriteriaId": "0F794F36-3073-43C5-A6C7-BADBCF6B735E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6h:*:*:*:*:*:*:*", "matchCriteriaId": "76CB86A0-E3A9-4A43-B98B-46654EFE21A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6i:*:*:*:*:*:*:*", "matchCriteriaId": "8D62D429-7BDE-47DE-B466-0732DAC3F70E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6j:*:*:*:*:*:*:*", "matchCriteriaId": "6893355E-2F64-416D-9AED-898E6D1123F8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6k:*:*:*:*:*:*:*", "matchCriteriaId": "9B41942D-A4A9-4916-99E6-DA36EB747BF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "191A8F3B-EDFA-47AA-B7B1-95B4C05AFD7A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7a:*:*:*:*:*:*:*", "matchCriteriaId": "7A8C1715-DCA1-4C83-B817-9366172CFC1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7b:*:*:*:*:*:*:*", "matchCriteriaId": "307B69DB-CFFB-49BA-A126-134EEE735FCC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7c:*:*:*:*:*:*:*", "matchCriteriaId": "6532CB60-B8FA-418D-B077-FCC4EE24C1A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7d:*:*:*:*:*:*:*", "matchCriteriaId": "2B53567F-C65B-4E1F-BBF7-4F55C845A83A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7e:*:*:*:*:*:*:*", "matchCriteriaId": 
"CB3DC32A-09AF-4DC9-A78E-E951847B76A8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7f:*:*:*:*:*:*:*", "matchCriteriaId": "6537BC21-D7C5-4EEB-BE7A-D1C9A27E290D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7g:*:*:*:*:*:*:*", "matchCriteriaId": "F9C0E835-9CB2-4700-8216-EC2F1BCB4CB6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7h:*:*:*:*:*:*:*", "matchCriteriaId": "9E0D40E1-6A0F-4AE7-97A5-D2230BBF4FF4", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7i:*:*:*:*:*:*:*", "matchCriteriaId": "6FC44FEA-FB88-4620-B200-E188C7A2BFAA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "5DABFA50-3C45-4841-945B-FBC40B9C94B7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.8a:*:*:*:*:*:*:*", "matchCriteriaId": "ACD91588-5963-4CDE-8C51-B2B4C75C1628", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the step parameter to install/index.php or (2) the id parameter to cacti/host.php." }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de cross-site scripting (XSS) en Cacti v0.8.8b y anteriores, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a trav\u00e9s del (1) par\u00e1metro \"step\" en install/index.php o (2) el par\u00e1metro \"id\" en cacti/host.php." 
} ], "id": "CVE-2013-5588", "lastModified": "2024-11-21T01:57:45.177", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2013-08-29T12:07:56.103", "references": [ { "source": "security@debian.org", "tags": [ "Exploit", "Patch" ], "url": "http://bugs.cacti.net/view.php?id=2383" }, { "source": "security@debian.org", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "source": "security@debian.org", "url": "http://secunia.com/advisories/54652" }, { "source": "security@debian.org", "url": "http://www.debian.org/security/2013/dsa-2747" }, { "source": "security@debian.org", "url": "http://www.securityfocus.com/bid/62001" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch" ], "url": "http://bugs.cacti.net/view.php?id=2383" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/54652" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2013/dsa-2747" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/62001" } ], "sourceIdentifier": "security@debian.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | 0.6.7 | |
cacti | cacti | 0.8 | |
cacti | cacti | 0.8.1 | |
cacti | cacti | 0.8.2 | |
cacti | cacti | 0.8.2a | |
cacti | cacti | 0.8.3 | |
cacti | cacti | 0.8.3a | |
cacti | cacti | 0.8.4 | |
cacti | cacti | 0.8.5 | |
cacti | cacti | 0.8.5a | |
cacti | cacti | 0.8.6c | |
cacti | cacti | 0.8.6f | |
cacti | cacti | 0.8.6i | |
cacti | cacti | 0.8.6j | |
cacti | cacti | 0.8.7 | |
cacti | cacti | 0.8.7a |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:0.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "B4611FB4-7B8D-4DCA-9BFC-87585E16129B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B44E0187-3577-4770-8D76-10F64F6400B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3E6282B-B403-45AD-B1EC-82257EEA1A43", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "0936E4B2-D89C-44B3-9082-77FA369BA280", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2a:*:*:*:*:*:*:*", "matchCriteriaId": "A1257552-9117-45EE-B77C-00879E1FC67B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "BA380DC2-2392-413E-AC7A-F8B854EA3108", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3a:*:*:*:*:*:*:*", "matchCriteriaId": "B530A944-0A71-4F88-AAE6-3844364FB098", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "62C554AE-AE7A-48B1-A1FF-E8E7691EA344", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "25541421-4A87-43BF-86D7-E1377CE3C859", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5a:*:*:*:*:*:*:*", "matchCriteriaId": "301E2B13-D410-4B26-9A47-F90343F47C18", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6c:*:*:*:*:*:*:*", "matchCriteriaId": "EE910AB1-7D04-4743-9963-BBA191EE4078", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6f:*:*:*:*:*:*:*", "matchCriteriaId": "DB41A3C5-D03A-4B1F-B841-A9F5021A59F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6i:*:*:*:*:*:*:*", "matchCriteriaId": "8D62D429-7BDE-47DE-B466-0732DAC3F70E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6j:*:*:*:*:*:*:*", "matchCriteriaId": "6893355E-2F64-416D-9AED-898E6D1123F8", 
"vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "191A8F3B-EDFA-47AA-B7B1-95B4C05AFD7A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7a:*:*:*:*:*:*:*", "matchCriteriaId": "7A8C1715-DCA1-4C83-B817-9366172CFC1D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "CRLF injection vulnerability in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k, when running on older PHP interpreters, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors." }, { "lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n CRLF en Cacti 0.8.7 anterior a 0.8.7b y 0.8.6 anterior a 0.8.6k, cuando se ejecuta en int\u00e9rpretes PHP antiguos, permite a atacantes remotos inyectar cabeceras HTTP de su elecci\u00f3n y llevar a cabo ataques de divisi\u00f3n de respuesta HTTP a trav\u00e9s de vectores no especificados." 
} ], "id": "CVE-2008-0786", "lastModified": "2024-11-21T00:42:54.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2008-02-14T23:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28872" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/28976" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/29242" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/29274" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200803-18.xml" }, { "source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/3657" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.cacti.net/release_notes_0_8_7b.php" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:052" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/488013/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/488018/100/0/threaded" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/27749" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1019414" }, { "source": "cve@mitre.org", "url": 
"http://www.vupen.com/english/advisories/2008/0540" }, { "source": "cve@mitre.org", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432758" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28872" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28976" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29242" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29274" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200803-18.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/3657" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.cacti.net/release_notes_0_8_7b.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:052" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/488013/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/488018/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/27749" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1019414" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://www.vupen.com/english/advisories/2008/0540" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432758" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | https://www.cacti.net/info/changelog | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.cacti.net/info/changelog | Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7g:*:*:*:*:*:*:*", "matchCriteriaId": "F9C0E835-9CB2-4700-8216-EC2F1BCB4CB6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "As an unauthenticated remote user, visit \"http://\u003cCACTI_SERVER\u003e/auth_changepassword.php?ref=\u003cscript\u003ealert(1)\u003c/script\u003e\" to successfully execute the JavaScript payload present in the \"ref\" URL parameter." }, { "lang": "es", "value": "Como usuario remoto no autenticado, visita \"http://\u003cCACTI_SERVER\u003e/auth_changepassword.php?ref=\u003cscript\u003ealert(1)\u003c/script\u003e\" para ejecutar con \u00e9xito la carga \u00fatil de JavaScript presente en el par\u00e1metro \"ref\" de la URL" } ], "id": "CVE-2021-26247", "lastModified": "2024-11-21T05:55:58.633", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-01-19T21:15:08.237", "references": [ { "source": "secalert@redhat.com", "tags": [ "Vendor
Advisory" ], "url": "https://www.cacti.net/info/changelog" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.cacti.net/info/changelog" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "secalert@redhat.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/Cacti/cacti/issues/1057 | Exploit, Issue Tracking, Patch | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/issues/1057 | Exploit, Issue Tracking, Patch |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.1.27:*:*:*:*:*:*:*", "matchCriteriaId": "90B513DA-BA6E-4BE9-B299-F02F3784262C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the path_rrdtool parameter in an action=save request to settings.php." }, { "lang": "es", "value": "lib/rrd.php en Cacti 1.1.27 permite que administradores remotos autenticados ejecuten comandos de sistema operativo arbitrarios mediante el par\u00e1metro path_rrdtool en una petici\u00f3n action=save en settings.php." } ], "id": "CVE-2017-16641", "lastModified": "2024-11-21T03:16:44.353", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-11-07T20:29:00.183", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Patch" ], 
"url": "https://github.com/Cacti/cacti/issues/1057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Patch" ], "url": "https://github.com/Cacti/cacti/issues/1057" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-78" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 39 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "47529989-64EF-4CBB-AF1D-28A7C1CF36B3", "versionEndExcluding": "1.2.27", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, a SQL injection vulnerability in `automation_get_new_graphs_sql` function of `api_automation.php` allows authenticated users to exploit these SQL injection vulnerabilities to perform privilege escalation and remote code execution. In `api_automation.php` line 856, the `get_request_var(\u0027filter\u0027)` is being concatenated into the SQL statement without any sanitization. In `api_automation.php` line 717, The filter of `\u0027filter\u0027` is `FILTER_DEFAULT`, which means there is no filter for it. Version 1.2.27 contains a patch for the issue." }, { "lang": "es", "value": "Cacti proporciona un framework de monitoreo operativo y gesti\u00f3n de fallas. Antes de la versi\u00f3n 1.2.27, una vulnerabilidad de inyecci\u00f3n SQL en la funci\u00f3n `automation_get_new_graphs_sql` de `api_automation.php` permit\u00eda a los usuarios autenticados explotar estas vulnerabilidades de inyecci\u00f3n SQL para realizar escalada de privilegios y ejecuci\u00f3n remota de c\u00f3digo. En la l\u00ednea 856 de `api_automation.php`, `get_request_var(\u0027filter\u0027)` se concatena en la declaraci\u00f3n SQL sin ning\u00fan tipo de sanitizaci\u00f3n. En `api_automation.php` l\u00ednea 717, el filtro de `\u0027filter\u0027` es `FILTER_DEFAULT`, lo que significa que no hay ning\u00fan filtro para \u00e9l. 
La versi\u00f3n 1.2.27 contiene un parche para el problema." } ], "id": "CVE-2024-31445", "lastModified": "2024-12-18T18:29:21.437", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-05-14T15:25:21.567", "references": [ { "source": "security-advisories@github.com", "tags": [ "Product" ], "url": "https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/lib/api_automation.php#L717" }, { "source": "security-advisories@github.com", "tags": [ "Product" ], "url": "https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/lib/api_automation.php#L856" }, { "source": "security-advisories@github.com", "tags": [ "Patch" ], "url": "https://github.com/Cacti/cacti/commit/fd93c6e47651958b77c3bbe6a01fff695f81e886" }, { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-vjph-r677-6pcc" }, { "source": "security-advisories@github.com", "tags": [ "Product" ], "url": 
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product" ], "url": "https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/lib/api_automation.php#L717" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product" ], "url": "https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/lib/api_automation.php#L856" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://github.com/Cacti/cacti/commit/fd93c6e47651958b77c3bbe6a01fff695f81e886" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-vjph-r677-6pcc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.2.21:*:*:*:*:*:*:*", "matchCriteriaId": "28AB6B4B-0233-4E2C-A924-CB2418528F77", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross Site Scripting (XSS) vulnerability in Cacti 1.2.21 via a crafted POST request to graphs_new.php." }, { "lang": "es", "value": "Vulnerabilidad de Cross Site Scripting (XSS) en Cacti 1.2.21 a trav\u00e9s de una petici\u00f3n POST a graphs_new.php." } ], "id": "CVE-2022-41444", "lastModified": "2024-11-21T07:23:14.770", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-08-22T19:16:28.320", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "https://gist.github.com/enferas/9079535112e4f4ff2c1d2ce1c099d4c2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "https://gist.github.com/enferas/9079535112e4f4ff2c1d2ce1c099d4c2" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 37 | |
fedoraproject | fedora | 38 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8", "versionEndExcluding": "1.2.25", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. There are two instances of insecure deserialization in Cacti version 1.2.24. While a viable gadget chain exists in Cacti\u2019s vendor directory (phpseclib), the necessary gadgets are not included, making them inaccessible and the insecure deserializations not exploitable. Each instance of insecure deserialization is due to using the unserialize function without sanitizing the user input. Cacti has a \u201csafe\u201d deserialization that attempts to sanitize the content and check for specific values before calling unserialize, but it isn\u2019t used in these instances. The vulnerable code lies in graphs_new.php, specifically within the host_new_graphs_save function. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n" }, { "lang": "es", "value": "Cacti es un framework de gesti\u00f3n de fallas y monitoreo operativo de c\u00f3digo abierto. Hay dos casos de deserializaci\u00f3n insegura en la versi\u00f3n 1.2.24 de Cacti. 
Mientras exista una cadena viable de gadgets en el directorio Cacti\u2019s vendor (phpseclib), los gadgets necesarios no est\u00e1n incluidos, lo que los hace inaccesibles y las deserializaciones inseguras no son explotables. Cada caso de deserializaci\u00f3n insegura se debe al uso de la funci\u00f3n unserialize sin sanear la entrada del usuario. Cacti tiene una deserializaci\u00f3n \u201csegura\u201d que intenta sanitizar el contenido y verificar valores espec\u00edficos antes de llamar a unserialize, pero no se usa en estos casos.El c\u00f3digo vulnerable se encuentra en graphs_new.php, espec\u00edficamente dentro de la funci\u00f3n host_new_graphs_save. Este problema se solucion\u00f3 en la versi\u00f3n 1.2.25. Se recomienda a los usuarios que actualicen. No se conocen soluciones para esta vulnerabilidad." } ], "id": "CVE-2023-30534", "lastModified": "2024-11-21T08:00:22.253", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-09-05T22:15:08.240", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", 
"Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-77rf-774j-6h3p" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "security-advisories@github.com", "tags": [ "Exploit" ], "url": "https://www.fastly.com/blog/cve-2023-30534-insecure-deserialization-in-cacti-prior-to-1-2-25" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-77rf-774j-6h3p" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "https://www.fastly.com/blog/cve-2023-30534-insecure-deserialization-in-cacti-prior-to-1-2-25" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { 
"description": [ { "lang": "en", "value": "CWE-502" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://cacti.net/release_notes.php?version=1.1.16 | Release Notes, Vendor Advisory | |
cve@mitre.org | https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e | Issue Tracking, Patch, Third Party Advisory | |
cve@mitre.org | https://github.com/Cacti/cacti/issues/877 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://cacti.net/release_notes.php?version=1.1.16 | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/issues/877 | Issue Tracking, Patch, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "A36ACCD5-4309-4B3A-AC08-578B0B95F53E", "versionEndIncluding": "1.1.15", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in Cacti before 1.1.16 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the $cancel_url variable. NOTE: this vulnerability exists because of an incomplete fix (lack of the htmlspecialchars ENT_QUOTES flag) for CVE-2017-11163." }, { "lang": "es", "value": "Una vulnerabilidad de tipo Cross-Site Scripting (XSS) en aggregate_graphs.php en Cacti en versiones anteriores a la 1.1.16 permite que los usuarios remotos autenticados inyecten scripts web arbitrarios o HTML mediante cabeceras de referenciadores HTTP especialmente creadas en relaci\u00f3n con la variable $cancel_url. NOTA: esta vulnerabilidad existe porque hay un parche incompleto (falta el flag htmlspecialchars ENT_QUOTES) para CVE-2017-11163." 
} ], "id": "CVE-2017-12066", "lastModified": "2024-11-21T03:08:45.813", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-08-01T05:29:00.290", "references": [ { "source": "cve@mitre.org", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://cacti.net/release_notes.php?version=1.1.16" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/877" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://cacti.net/release_notes.php?version=1.1.16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": 
"https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/877" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
cacti | cacti | 0.5 | |
cacti | cacti | 0.6 | |
cacti | cacti | 0.6.1 | |
cacti | cacti | 0.6.2 | |
cacti | cacti | 0.6.3 | |
cacti | cacti | 0.6.4 | |
cacti | cacti | 0.6.5 | |
cacti | cacti | 0.6.6 | |
cacti | cacti | 0.6.7 | |
cacti | cacti | 0.6.8 | |
cacti | cacti | 0.6.8a | |
cacti | cacti | 0.8 | |
cacti | cacti | 0.8.1 | |
cacti | cacti | 0.8.2 | |
cacti | cacti | 0.8.2a | |
cacti | cacti | 0.8.3 | |
cacti | cacti | 0.8.3a | |
cacti | cacti | 0.8.4 | |
cacti | cacti | 0.8.5 | |
cacti | cacti | 0.8.5a | |
cacti | cacti | 0.8.6 | |
cacti | cacti | 0.8.6a | |
cacti | cacti | 0.8.6b | |
cacti | cacti | 0.8.6c | |
cacti | cacti | 0.8.6d | |
cacti | cacti | 0.8.6f | |
cacti | cacti | 0.8.6g | |
cacti | cacti | 0.8.6h | |
cacti | cacti | 0.8.6i | |
cacti | cacti | 0.8.6j | |
cacti | cacti | 0.8.6k | |
cacti | cacti | 0.8.7 | |
cacti | cacti | 0.8.7a | |
cacti | cacti | 0.8.7b | |
cacti | cacti | 0.8.7c | |
cacti | cacti | 0.8.7d | |
cacti | cacti | 0.8.7e |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "12610FA3-8EB9-45F2-9E70-8B3D70E47BC7", "versionEndIncluding": "0.8.7f", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.5:-:*:*:*:*:*:*", "matchCriteriaId": "015D2C09-205B-426B-9118-13CAC82BDF97", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "CF50D0E4-94BC-433F-8986-4E2D9AF61A98", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "8BE433B1-7F0B-4D16-8FD5-A5E193EC983A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "CD541744-A938-44A8-89A5-DE1B39DA1301", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4D7A1EE2-2C80-46B2-B55A-17D200D722BB", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "594CCB0C-4DEA-4ECC-93FE-FDAD231F22CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "21352C22-E89D-482E-A704-1E1EFE0F4959", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "51B3887B-078A-459D-AFCF-4BDBDB3B1EF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "B4611FB4-7B8D-4DCA-9BFC-87585E16129B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "1740FA47-7129-47C0-9EA8-3D5FE1881AAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.8a:*:*:*:*:*:*:*", "matchCriteriaId": "330C515B-6DD0-4C41-97C8-87689CD443F5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B44E0187-3577-4770-8D76-10F64F6400B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": 
"D3E6282B-B403-45AD-B1EC-82257EEA1A43", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "0936E4B2-D89C-44B3-9082-77FA369BA280", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2a:*:*:*:*:*:*:*", "matchCriteriaId": "A1257552-9117-45EE-B77C-00879E1FC67B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "BA380DC2-2392-413E-AC7A-F8B854EA3108", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3a:*:*:*:*:*:*:*", "matchCriteriaId": "B530A944-0A71-4F88-AAE6-3844364FB098", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "62C554AE-AE7A-48B1-A1FF-E8E7691EA344", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "25541421-4A87-43BF-86D7-E1377CE3C859", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5a:*:*:*:*:*:*:*", "matchCriteriaId": "301E2B13-D410-4B26-9A47-F90343F47C18", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "546CE4D8-1E2E-4DEB-9FA1-DEA05F9AAE9E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6a:*:*:*:*:*:*:*", "matchCriteriaId": "45C420D9-45EB-40EF-BB9D-BBB5BB7DA6D7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6b:*:*:*:*:*:*:*", "matchCriteriaId": "D5FE1D7F-5A32-4C66-8B7E-7F790F1D9AAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6c:*:*:*:*:*:*:*", "matchCriteriaId": "EE910AB1-7D04-4743-9963-BBA191EE4078", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6d:*:*:*:*:*:*:*", "matchCriteriaId": "C4290992-9EF9-41D4-8AB5-6744370A25E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6f:*:*:*:*:*:*:*", "matchCriteriaId": "DB41A3C5-D03A-4B1F-B841-A9F5021A59F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6g:*:*:*:*:*:*:*", "matchCriteriaId": 
"0F794F36-3073-43C5-A6C7-BADBCF6B735E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6h:*:*:*:*:*:*:*", "matchCriteriaId": "76CB86A0-E3A9-4A43-B98B-46654EFE21A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6i:*:*:*:*:*:*:*", "matchCriteriaId": "8D62D429-7BDE-47DE-B466-0732DAC3F70E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6j:*:*:*:*:*:*:*", "matchCriteriaId": "6893355E-2F64-416D-9AED-898E6D1123F8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6k:*:*:*:*:*:*:*", "matchCriteriaId": "9B41942D-A4A9-4916-99E6-DA36EB747BF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "191A8F3B-EDFA-47AA-B7B1-95B4C05AFD7A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7a:*:*:*:*:*:*:*", "matchCriteriaId": "7A8C1715-DCA1-4C83-B817-9366172CFC1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7b:*:*:*:*:*:*:*", "matchCriteriaId": "307B69DB-CFFB-49BA-A126-134EEE735FCC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7c:*:*:*:*:*:*:*", "matchCriteriaId": "6532CB60-B8FA-418D-B077-FCC4EE24C1A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7d:*:*:*:*:*:*:*", "matchCriteriaId": "2B53567F-C65B-4E1F-BBF7-4F55C845A83A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7e:*:*:*:*:*:*:*", "matchCriteriaId": "CB3DC32A-09AF-4DC9-A78E-E951847B76A8", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in utilities.php in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote attackers to inject arbitrary web script or HTML via the filter parameter." 
}, { "lang": "es", "value": "Una vulnerabilidad de ejecuci\u00f3n de comandos en sitios cruzados(XSS) en utilities.php en Cacti antes de v0.8.7g, tal como se utiliza en Red Hat High Performance Computing (HPC) Solution y otros productos, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s del par\u00e1metro \u0027filter\u0027." } ], "id": "CVE-2010-2544", "lastModified": "2024-11-21T01:16:52.557", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2010-08-23T22:00:03.143", "references": [ { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://cacti.net/release_notes_0_8_7g.php" }, { "source": "secalert@redhat.com", "url": "http://marc.info/?l=oss-security\u0026m=127978954522586\u0026w=2" }, { "source": "secalert@redhat.com", "url": "http://marc.info/?l=oss-security\u0026m=128017203704299\u0026w=2" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/41041" }, { "source": "secalert@redhat.com", "url": "http://svn.cacti.net/viewvc/cacti/branches/0.8.7/utilities.php?r1=6025\u0026r2=6024\u0026pathrev=6025" }, { "source": "secalert@redhat.com", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6025" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160" }, { "source": "secalert@redhat.com", "tags": [ "Exploit" ], "url": "http://www.securityfocus.com/bid/42575" }, { 
"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=459105" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61226" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://cacti.net/release_notes_0_8_7g.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=oss-security\u0026m=127978954522586\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=oss-security\u0026m=128017203704299\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/41041" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://svn.cacti.net/viewvc/cacti/branches/0.8.7/utilities.php?r1=6025\u0026r2=6024\u0026pathrev=6025" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=6025" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://www.securityfocus.com/bid/42575" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/2132" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=459105" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61226" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", 
"weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
▼ | URL | Tags | |
---|---|---|---|
security-advisories@github.com | https://github.com/Cacti/cacti/security/advisories/GHSA-j868-7vjp-rp9h | Exploit, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/security/advisories/GHSA-j868-7vjp-rp9h | Exploit, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "47529989-64EF-4CBB-AF1D-28A7C1CF36B3", "versionEndExcluding": "1.2.27", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. Versions of Cacti prior to 1.2.27 are vulnerable to stored cross-site scripting, a type of cross-site scripting where malicious scripts are permanently stored on a target server and served to users who access a particular page. Version 1.2.27 contains a patch for the issue." }, { "lang": "es", "value": "Cacti proporciona un framework de monitoreo operativo y gesti\u00f3n de fallas. Las versiones de Cacti anteriores a la 1.2.27 son vulnerables a Cross Site Scripting almacenadas, un tipo de Cross Site Scripting en las que script maliciosas se almacenan permanentemente en un servidor de destino y se entregan a los usuarios que acceden a una p\u00e1gina en particular. La versi\u00f3n 1.2.27 contiene un parche para el problema." 
} ], "id": "CVE-2024-27082", "lastModified": "2024-12-18T21:01:17.677", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:H", "version": "3.1" }, "exploitabilityScore": 2.1, "impactScore": 5.5, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-05-14T15:11:27.020", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-j868-7vjp-rp9h" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-j868-7vjp-rp9h" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 37 | |
fedoraproject | fedora | 38 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8", "versionEndExcluding": "1.2.25", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. Issues with Cacti Regular Expression validation combined with the external links feature can lead to limited SQL Injections and subsequent data leakage. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n" }, { "lang": "es", "value": "Cacti es un framework de monitorizaci\u00f3n operativa y gesti\u00f3n de fallos de c\u00f3digo abierto. Los problemas con la validaci\u00f3n de expresiones regulares de Cacti combinados con la funci\u00f3n de enlaces externos pueden provocar inyecciones SQL limitadas y la consiguiente fuga de datos. Este problema se ha solucionado en la versi\u00f3n 1.2.25. Se recomienda a los usuarios que actualicen. No se conocen soluciones para esta vulnerabilidad. 
" } ], "id": "CVE-2023-39365", "lastModified": "2024-11-21T08:15:15.000", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L", "version": "3.1" }, "exploitabilityScore": 2.1, "impactScore": 2.5, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-09-05T22:15:09.017", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-v5w7-hww7-2f22" }, { "source": "security-advisories@github.com", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": 
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "security-advisories@github.com", "url": "https://www.debian.org/security/2023/dsa-5550" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-v5w7-hww7-2f22" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.debian.org/security/2023/dsa-5550" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.2.25:*:*:*:*:*:*:*", "matchCriteriaId": "EF5814EC-CFCB-4066-9260-FF78B45E2089", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker to obtain sensitive information via the form_actions() function in the managers.php function." }, { "lang": "es", "value": "La vulnerabilidad de inyecci\u00f3n SQL en Cacti v1.2.25 permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s de la funci\u00f3n form_actions() en la funci\u00f3n managers.php." } ], "id": "CVE-2023-46490", "lastModified": "2024-11-21T08:28:35.457", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-10-27T22:15:09.100", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://gist.github.com/ISHGARD-2/a95632111138fcd7ccf7432ccb145b53" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-f4r3-53jr-654c" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://gist.github.com/ISHGARD-2/a95632111138fcd7ccf7432ccb145b53" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-f4r3-53jr-654c" } ], "sourceIdentifier": "cve@mitre.org", 
"vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | 0.8 | |
cacti | cacti | 0.8.1 | |
cacti | cacti | 0.8.2 | |
cacti | cacti | 0.8.2a | |
cacti | cacti | 0.8.3 | |
cacti | cacti | 0.8.3a | |
cacti | cacti | 0.8.4 | |
cacti | cacti | 0.8.5 | |
cacti | cacti | 0.8.5a | |
cacti | cacti | 0.8.6 | |
cacti | cacti | 0.8.6a | |
cacti | cacti | 0.8.6b | |
cacti | cacti | 0.8.6c | |
cacti | cacti | 0.8.6d | |
cacti | cacti | 0.8.6e | |
cacti | cacti | 0.8.6f | |
cacti | cacti | 0.8.6g | |
cacti | cacti | 0.8.6h | |
cacti | cacti | 0.8.6i | |
cacti | cacti | 0.8.6j | |
cacti | cacti | 0.8.6k | |
cacti | cacti | 0.8.7 | |
cacti | cacti | 0.8.7a | |
cacti | cacti | 0.8.7b | |
cacti | cacti | 0.8.7c | |
cacti | cacti | 0.8.7d | |
cacti | cacti | 0.8.7e | |
cacti | cacti | 0.8.7f | |
cacti | cacti | 0.8.7g | |
cacti | cacti | 0.8.7h | |
cacti | cacti | 0.8.7i | |
cacti | cacti | 0.8.8 | |
cacti | cacti | 0.8.8a |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B44E0187-3577-4770-8D76-10F64F6400B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3E6282B-B403-45AD-B1EC-82257EEA1A43", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "0936E4B2-D89C-44B3-9082-77FA369BA280", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2a:*:*:*:*:*:*:*", "matchCriteriaId": "A1257552-9117-45EE-B77C-00879E1FC67B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "BA380DC2-2392-413E-AC7A-F8B854EA3108", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3a:*:*:*:*:*:*:*", "matchCriteriaId": "B530A944-0A71-4F88-AAE6-3844364FB098", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "62C554AE-AE7A-48B1-A1FF-E8E7691EA344", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "25541421-4A87-43BF-86D7-E1377CE3C859", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5a:*:*:*:*:*:*:*", "matchCriteriaId": "301E2B13-D410-4B26-9A47-F90343F47C18", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "546CE4D8-1E2E-4DEB-9FA1-DEA05F9AAE9E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6a:*:*:*:*:*:*:*", "matchCriteriaId": "45C420D9-45EB-40EF-BB9D-BBB5BB7DA6D7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6b:*:*:*:*:*:*:*", "matchCriteriaId": "D5FE1D7F-5A32-4C66-8B7E-7F790F1D9AAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6c:*:*:*:*:*:*:*", "matchCriteriaId": "EE910AB1-7D04-4743-9963-BBA191EE4078", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6d:*:*:*:*:*:*:*", "matchCriteriaId": "C4290992-9EF9-41D4-8AB5-6744370A25E5", 
"vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6e:*:*:*:*:*:*:*", "matchCriteriaId": "E239B64D-6B94-4E77-8245-5293247F09D4", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6f:*:*:*:*:*:*:*", "matchCriteriaId": "DB41A3C5-D03A-4B1F-B841-A9F5021A59F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6g:*:*:*:*:*:*:*", "matchCriteriaId": "0F794F36-3073-43C5-A6C7-BADBCF6B735E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6h:*:*:*:*:*:*:*", "matchCriteriaId": "76CB86A0-E3A9-4A43-B98B-46654EFE21A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6i:*:*:*:*:*:*:*", "matchCriteriaId": "8D62D429-7BDE-47DE-B466-0732DAC3F70E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6j:*:*:*:*:*:*:*", "matchCriteriaId": "6893355E-2F64-416D-9AED-898E6D1123F8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6k:*:*:*:*:*:*:*", "matchCriteriaId": "9B41942D-A4A9-4916-99E6-DA36EB747BF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "191A8F3B-EDFA-47AA-B7B1-95B4C05AFD7A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7a:*:*:*:*:*:*:*", "matchCriteriaId": "7A8C1715-DCA1-4C83-B817-9366172CFC1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7b:*:*:*:*:*:*:*", "matchCriteriaId": "307B69DB-CFFB-49BA-A126-134EEE735FCC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7c:*:*:*:*:*:*:*", "matchCriteriaId": "6532CB60-B8FA-418D-B077-FCC4EE24C1A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7d:*:*:*:*:*:*:*", "matchCriteriaId": "2B53567F-C65B-4E1F-BBF7-4F55C845A83A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7e:*:*:*:*:*:*:*", "matchCriteriaId": "CB3DC32A-09AF-4DC9-A78E-E951847B76A8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7f:*:*:*:*:*:*:*", "matchCriteriaId": "6537BC21-D7C5-4EEB-BE7A-D1C9A27E290D", "vulnerable": true }, { 
"criteria": "cpe:2.3:a:cacti:cacti:0.8.7g:*:*:*:*:*:*:*", "matchCriteriaId": "F9C0E835-9CB2-4700-8216-EC2F1BCB4CB6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7h:*:*:*:*:*:*:*", "matchCriteriaId": "9E0D40E1-6A0F-4AE7-97A5-D2230BBF4FF4", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7i:*:*:*:*:*:*:*", "matchCriteriaId": "6FC44FEA-FB88-4620-B200-E188C7A2BFAA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "5DABFA50-3C45-4841-945B-FBC40B9C94B7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.8a:*:*:*:*:*:*:*", "matchCriteriaId": "ACD91588-5963-4CDE-8C51-B2B4C75C1628", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "(1) snmp.php and (2) rrd.php in Cacti before 0.8.8b allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors." }, { "lang": "es", "value": "(1) snmp.php y (2) rrd.php en Cacti anterior a v0.8.8b permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de metacaracteres de shell en vectores no especificados." 
} ], "id": "CVE-2013-1435", "lastModified": "2024-11-21T01:49:34.593", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2013-08-23T16:55:07.027", "references": [ { "source": "security@debian.org", "url": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=50593" }, { "source": "security@debian.org", "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00053.html" }, { "source": "security@debian.org", "url": "http://secunia.com/advisories/54181" }, { "source": "security@debian.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/54386" }, { "source": "security@debian.org", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7392" }, { "source": "security@debian.org", "tags": [ "Patch" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7393" }, { "source": "security@debian.org", "url": "http://www.debian.org/security/2012/dsa-2739" }, { "source": "security@debian.org", "url": "http://www.openwall.com/lists/oss-security/2013/08/07/15" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=50593" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00053.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/54181" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": 
"http://secunia.com/advisories/54386" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7392" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7393" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2012/dsa-2739" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2013/08/07/15" } ], "sourceIdentifier": "security@debian.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:H
▼ | URL | Tags | |
---|---|---|---|
security-advisories@github.com | https://github.com/Cacti/cacti/security/advisories/GHSA-fgc6-g8gc-wcg5 | Exploit, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "EFE0430A-4E9B-452F-A7EC-029F210FDDFE", "versionEndExcluding": "1.2.28", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source performance and fault management framework. The `title` parameter is not properly sanitized when saving external links in links.php. Moreover, the `title` parameter is stored in the database and reflected back to the user in index.php, finally leading to stored XSS. Users with the privilege to create external links can manipulate the `title` parameter in the HTTP POST request while creating external links to perform stored XSS attacks. The vulnerability known as XSS (Cross-Site Scripting) occurs when an application allows untrusted user input to be displayed on a web page without proper validation or escaping. This issue has been addressed in release version 1.2.28. All users are advised to upgrade. There are no known workarounds for this vulnerability." }, { "lang": "es", "value": "Cacti es un framework de trabajo de gesti\u00f3n de errores y rendimiento de c\u00f3digo abierto. El par\u00e1metro `title` no se desinfecta correctamente al guardar enlaces externos en links.php. Adem\u00e1s, dicho par\u00e1metro `title` se almacena en la base de datos y se refleja de nuevo al usuario en index.php, lo que finalmente genera XSS almacenado. Los usuarios con el privilegio de crear enlaces externos pueden manipular el par\u00e1metro `title` en la solicitud HTTP POST mientras crean enlaces externos para realizar ataques XSS almacenados. La vulnerabilidad conocida como XSS (Cross-Site Scripting) ocurre cuando una aplicaci\u00f3n permite que se muestre una entrada de usuario no confiable en una p\u00e1gina web sin la validaci\u00f3n o el escape adecuados. 
Este problema se ha solucionado en la versi\u00f3n de lanzamiento 1.2.28. Se recomienda a todos los usuarios que actualicen. No existen workarounds conocidas para esta vulnerabilidad." } ], "id": "CVE-2024-43364", "lastModified": "2024-10-17T18:09:43.320", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 2.1, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:H", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 5.3, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-10-07T21:15:16.017", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-fgc6-g8gc-wcg5" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.securityfocus.com/bid/100490 | ||
cve@mitre.org | http://www.securitytracker.com/id/1039208 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://github.com/Cacti/cacti/commit/a032ce0be6a4ea47862c594e40a619ac8de1ef99 | Issue Tracking, Patch, Third Party Advisory | |
cve@mitre.org | https://github.com/Cacti/cacti/issues/907 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100490 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039208 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/commit/a032ce0be6a4ea47862c594e40a619ac8de1ef99 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/issues/907 | Issue Tracking, Patch, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.1.17:*:*:*:*:*:*:*", "matchCriteriaId": "DCAFEF3A-7F11-4C9A-8739-8E135FF8A9B7", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A cross-site scripting vulnerability exists in Cacti 1.1.17 in the method parameter in spikekill.php." }, { "lang": "es", "value": "Existe una vulnerabilidad de tipo Cross-Site Scripting (XSS) en Cacti 1.1.17 en el par\u00e1metro method en spikekill.php." } ], "id": "CVE-2017-12927", "lastModified": "2024-11-21T03:10:26.800", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-08-18T02:29:00.177", "references": [ { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/100490" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1039208" }, { "source": "cve@mitre.org", "tags": [ "Issue 
Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/a032ce0be6a4ea47862c594e40a619ac8de1ef99" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/907" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/100490" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1039208" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/a032ce0be6a4ea47862c594e40a619ac8de1ef99" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/907" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
opensuse | backports_sle | 15.0 | |
opensuse | leap | 15.1 | |
suse | package_hub | - | |
suse | linux_enterprise | 12.0 | |
fedoraproject | extra_packages_for_enterprise_linux | 7.0 | |
fedoraproject | extra_packages_for_enterprise_linux | 8.0 | |
fedoraproject | extra_packages_for_enterprise_linux | 9.0 | |
fedoraproject | fedora | 30 | |
fedoraproject | fedora | 31 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "CB72E0C8-BC84-4F75-A844-9D9D41031118", "versionEndExcluding": "1.2.9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "40513095-7E6E-46B3-B604-C926F1BA3568", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*", "matchCriteriaId": "284A8DA0-317B-4BBE-AECB-7E91BBF0DD3B", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "matchCriteriaId": "CBC8B78D-1131-4F21-919D-8AC79A410FB9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "3D9C7598-4BB4-442A-86DF-EEDE041A4CC7", "vulnerable": true }, { "criteria": "cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "BB176AC3-3CDA-4DDA-9089-C67B2F73AA62", "vulnerable": true }, { "criteria": "cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C30C1AC-01E4-4D7C-B03A-8EEEF3FC8C2F", "vulnerable": true }, { "criteria": 
"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $header to trigger the XSS)." }, { "lang": "es", "value": "Cacti versi\u00f3n 1.2.8, tiene un vulnerabilidad de tipo XSS almacenado en los archivos data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, y user_group_admin.php, como es demostrado por el par\u00e1metro description en el archivo data_sources.php (una cadena sin procesar desde la base de datos que se despliega con $header para activar un ataque de tipo XSS)." 
} ], "id": "CVE-2020-7106", "lastModified": "2024-11-21T05:36:38.350", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-01-16T04:15:11.697", "references": [ { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": 
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00032.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/3191" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00014.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SUSOTOIEJKD2IWJHN7TY56TDZJQZJUVJ/" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XLZAMGTW2OSIBLYLXWHQBGWP7M4DTRS7/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202003-40" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00032.html" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/3191" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00014.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SUSOTOIEJKD2IWJHN7TY56TDZJQZJUVJ/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XLZAMGTW2OSIBLYLXWHQBGWP7M4DTRS7/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202003-40" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
cacti | cacti | 0.5 | |
cacti | cacti | 0.6 | |
cacti | cacti | 0.6.1 | |
cacti | cacti | 0.6.2 | |
cacti | cacti | 0.6.3 | |
cacti | cacti | 0.6.4 | |
cacti | cacti | 0.6.5 | |
cacti | cacti | 0.6.6 | |
cacti | cacti | 0.6.7 | |
cacti | cacti | 0.6.8 | |
cacti | cacti | 0.6.8a | |
cacti | cacti | 0.8 | |
cacti | cacti | 0.8.1 | |
cacti | cacti | 0.8.2 | |
cacti | cacti | 0.8.3 | |
cacti | cacti | 0.8.3a | |
cacti | cacti | 0.8.4 | |
cacti | cacti | 0.8.5 | |
cacti | cacti | 0.8.5a | |
cacti | cacti | 0.8.6 | |
cacti | cacti | 0.8.6a | |
cacti | cacti | 0.8.6b | |
cacti | cacti | 0.8.6c | |
cacti | cacti | 0.8.6d | |
cacti | cacti | 0.8.6f | |
cacti | cacti | 0.8.6g | |
cacti | cacti | 0.8.6h | |
cacti | cacti | 0.8.6i | |
cacti | cacti | 0.8.6j | |
cacti | cacti | 0.8.6k | |
cacti | cacti | 0.8.7 | |
cacti | cacti | 0.8.7a | |
cacti | cacti | 0.8.7b | |
cacti | cacti | 0.8.7c | |
cacti | cacti | 0.8.7d | |
cacti | cacti | 0.8.7e | |
cacti | cacti | 0.8.7f | |
cacti | cacti | 0.8.7g |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C03B77D-FD3D-4991-8A77-8EA07C762A77", "versionEndIncluding": "0.8.7h", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "B288DDB7-BBD6-4EE1-BBF6-7C15837C1741", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "CF50D0E4-94BC-433F-8986-4E2D9AF61A98", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "8BE433B1-7F0B-4D16-8FD5-A5E193EC983A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "CD541744-A938-44A8-89A5-DE1B39DA1301", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4D7A1EE2-2C80-46B2-B55A-17D200D722BB", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "594CCB0C-4DEA-4ECC-93FE-FDAD231F22CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "21352C22-E89D-482E-A704-1E1EFE0F4959", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "51B3887B-078A-459D-AFCF-4BDBDB3B1EF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "B4611FB4-7B8D-4DCA-9BFC-87585E16129B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "1740FA47-7129-47C0-9EA8-3D5FE1881AAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.6.8a:*:*:*:*:*:*:*", "matchCriteriaId": "330C515B-6DD0-4C41-97C8-87689CD443F5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B44E0187-3577-4770-8D76-10F64F6400B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": 
"D3E6282B-B403-45AD-B1EC-82257EEA1A43", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "0936E4B2-D89C-44B3-9082-77FA369BA280", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "BA380DC2-2392-413E-AC7A-F8B854EA3108", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3a:*:*:*:*:*:*:*", "matchCriteriaId": "B530A944-0A71-4F88-AAE6-3844364FB098", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "62C554AE-AE7A-48B1-A1FF-E8E7691EA344", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "25541421-4A87-43BF-86D7-E1377CE3C859", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5a:*:*:*:*:*:*:*", "matchCriteriaId": "301E2B13-D410-4B26-9A47-F90343F47C18", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "546CE4D8-1E2E-4DEB-9FA1-DEA05F9AAE9E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6a:*:*:*:*:*:*:*", "matchCriteriaId": "45C420D9-45EB-40EF-BB9D-BBB5BB7DA6D7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6b:*:*:*:*:*:*:*", "matchCriteriaId": "D5FE1D7F-5A32-4C66-8B7E-7F790F1D9AAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6c:*:*:*:*:*:*:*", "matchCriteriaId": "EE910AB1-7D04-4743-9963-BBA191EE4078", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6d:*:*:*:*:*:*:*", "matchCriteriaId": "C4290992-9EF9-41D4-8AB5-6744370A25E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6f:*:*:*:*:*:*:*", "matchCriteriaId": "DB41A3C5-D03A-4B1F-B841-A9F5021A59F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6g:*:*:*:*:*:*:*", "matchCriteriaId": "0F794F36-3073-43C5-A6C7-BADBCF6B735E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6h:*:*:*:*:*:*:*", "matchCriteriaId": 
"76CB86A0-E3A9-4A43-B98B-46654EFE21A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6i:*:*:*:*:*:*:*", "matchCriteriaId": "8D62D429-7BDE-47DE-B466-0732DAC3F70E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6j:*:*:*:*:*:*:*", "matchCriteriaId": "6893355E-2F64-416D-9AED-898E6D1123F8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6k:*:*:*:*:*:*:*", "matchCriteriaId": "9B41942D-A4A9-4916-99E6-DA36EB747BF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "191A8F3B-EDFA-47AA-B7B1-95B4C05AFD7A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7a:*:*:*:*:*:*:*", "matchCriteriaId": "7A8C1715-DCA1-4C83-B817-9366172CFC1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7b:*:*:*:*:*:*:*", "matchCriteriaId": "307B69DB-CFFB-49BA-A126-134EEE735FCC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7c:*:*:*:*:*:*:*", "matchCriteriaId": "6532CB60-B8FA-418D-B077-FCC4EE24C1A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7d:*:*:*:*:*:*:*", "matchCriteriaId": "2B53567F-C65B-4E1F-BBF7-4F55C845A83A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7e:*:*:*:*:*:*:*", "matchCriteriaId": "CB3DC32A-09AF-4DC9-A78E-E951847B76A8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7f:*:*:*:*:*:*:*", "matchCriteriaId": "6537BC21-D7C5-4EEB-BE7A-D1C9A27E290D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7g:*:*:*:*:*:*:*", "matchCriteriaId": "F9C0E835-9CB2-4700-8216-EC2F1BCB4CB6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in logout.php in Cacti before 0.8.7i allows remote attackers to hijack the authentication of unspecified victims via unknown vectors." 
}, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en logout.php en Cacti, permite a atacantes remotos secuestrar la autenticaci\u00f3n de los administradores a trav\u00e9s de vectores desconocidos." } ], "id": "CVE-2011-5223", "lastModified": "2024-11-21T01:33:55.937", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2012-10-25T17:55:04.937", "references": [ { "source": "cve@mitre.org", "url": "http://bugs.cacti.net/view.php?id=2062" }, { "source": "cve@mitre.org", "url": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=44116" }, { "source": "cve@mitre.org", "url": "http://forums.cacti.net/viewtopic.php?f=4\u0026t=45871" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/47195" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/51048" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71792" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.cacti.net/view.php?id=2062" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://forums.cacti.net/viewtopic.php?f=21\u0026t=44116" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://forums.cacti.net/viewtopic.php?f=4\u0026t=45871" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": 
"http://secunia.com/advisories/47195" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/51048" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71792" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.securitytracker.com/id/1038908 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://github.com/Cacti/cacti/issues/847 | Exploit, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038908 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/issues/847 | Exploit, Patch, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "EEBF429F-68C6-4FBE-ACE3-E391B0DDAB02", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in Cacti 1.1.12 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the $cancel_url variable." }, { "lang": "es", "value": "Una vulnerabilidad de Cross-Site Scripting (XSS) en aggregate_graphs.php en Cacti versi\u00f3n 1.1.12, permite a los usuarios autenticados a distancia inyectar secuencias de comandos web arbitrarias o HTML mediante cabeceras de referencia HTTP especialmente dise\u00f1adas, relacionadas con la variable $cancel_url." } ], "id": "CVE-2017-11163", "lastModified": "2024-11-21T03:07:14.207", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": 
"Primary" } ] }, "published": "2017-07-10T18:29:00.193", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038908" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/847" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/847" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 37 | |
fedoraproject | fedora | 38 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8", "versionEndExcluding": "1.2.25", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_\u0027s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim\u0027s browser at view-time. The script under `graphs.php` displays graph details such as data-source paths, data template information and graph related fields. _CENSUS_ found that an adversary that is able to configure either a data-source template with malicious code appended in the data-source name or a device with a malicious payload injected in the device name, may deploy a stored XSS attack against any user with _General Administration\u003eGraphs_ privileges. A user that possesses the _Template Editor\u003eData Templates_ permissions can configure the data-source name in _cacti_. Please note that this may be a _low privileged_ user. This configuration occurs through `http://\u003cHOST\u003e/cacti/data_templates.php` by editing an existing or adding a new data template. If a template is linked to a graph then the formatted template name will be rendered in the graph\u0027s management page. 
A user that possesses the _General Administration\u003eSites/Devices/Data_ permissions can configure the device name in _cacti_. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to upgrade should add manual HTML escaping.\n" }, { "lang": "es", "value": "Cacti es un framework de monitorizaci\u00f3n operativa y gesti\u00f3n de fallos de c\u00f3digo abierto. Las versiones afectadas est\u00e1n sujetas a una vulnerabilidad de Cross-Site Scripting (XSS) almacenado que permite a un usuario autenticado envenenar los datos almacenados en la base de datos de cacti. Estos datos ser\u00e1n visualizados por las cuentas administrativas de cacti y ejecutar\u00e1n c\u00f3digo JavaScript en el navegador de la v\u00edctima en tiempo de visualizaci\u00f3n. El script bajo \"graphs.php\" muestra detalles del gr\u00e1fico como rutas de origen de datos, informaci\u00f3n de la plantilla de datos y campos relacionados con el gr\u00e1fico. _CENSUS_ descubri\u00f3 que un adversario que es capaz de configurar una plantilla de fuente de datos con c\u00f3digo malicioso a\u00f1adido en el nombre de la fuente de datos o un dispositivo con una carga maliciosa inyectada en el nombre del dispositivo, puede desplegar un ataque XSS almacenado contra cualquier usuario con privilegios de Administraci\u00f3n General - Gr\u00e1ficos. Un usuario que posea los permisos de Editor de plantillas - Plantilla de datos puede configurar el nombre de la fuente de datos en cacti. Tenga en cuenta que puede tratarse de un usuario con privilegios bajos. Esta configuraci\u00f3n se realiza a trav\u00e9s de \"http://\u003cHOST\u003e/cacti/data_templates.php\" editando una plantilla de datos existente o a\u00f1adiendo una nueva. Si una plantilla est\u00e1 vinculada a un gr\u00e1fico, el nombre formateado de la plantilla se mostrar\u00e1 en la p\u00e1gina de gesti\u00f3n del gr\u00e1fico. 
Un usuario que posea los permisos Administraci\u00f3n General - Sitios/Dispositivos/Datos puede configurar el nombre del dispositivos en cacti. Esta vulnerabilidad se ha solucionado en la versi\u00f3n 1.2.25. Se recomienda a los usuarios que la actualicen. Los usuarios que no puedan actualizar deber\u00e1n a\u00f1adir manualmente el escape HTML. " } ], "id": "CVE-2023-39514", "lastModified": "2024-11-21T08:15:34.603", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 0.9, "impactScore": 5.2, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-09-05T21:15:47.297", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-6hrc-2cfc-8hm7" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "security-advisories@github.com", "url": 
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "security-advisories@github.com", "url": "https://www.debian.org/security/2023/dsa-5550" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-6hrc-2cfc-8hm7" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.debian.org/security/2023/dsa-5550" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "2D05824B-4E66-44CA-A862-0DDDB23C8C88", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti 1.2.8 allows Remote Code Execution (by privileged users) via shell metacharacters in the Performance Boost Debug Log field of poller_automation.php. OS commands are executed when a new poller cycle begins. The attacker must be authenticated, and must have access to modify the Performance Settings of the product." }, { "lang": "es", "value": "Cacti versi\u00f3n 1.2.8, permite una ejecuci\u00f3n de c\u00f3digo remota (por parte de usuarios privilegiados) por medio de metacaracteres de shell en el campo Performance Boost Debug Log del archivo poller_automation.php. Los comandos del Sistema Operativo son ejecutados cuando un nuevo ciclo de sondeo comienza. El atacante necesita estar autenticado y tener acceso para modificar la Configuraci\u00f3n de Desempe\u00f1o del producto." 
} ], "id": "CVE-2020-7237", "lastModified": "2024-11-21T05:36:53.633", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-01-20T05:15:11.687", "references": [ { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://ctrsec.io/index.php/2020/01/25/cve-2020-7237-remote-code-execution-in-cacti-rrdtool/" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/3201" }, { "source": "cve@mitre.org", "url": 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SUSOTOIEJKD2IWJHN7TY56TDZJQZJUVJ/" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XLZAMGTW2OSIBLYLXWHQBGWP7M4DTRS7/" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/202003-40" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://ctrsec.io/index.php/2020/01/25/cve-2020-7237-remote-code-execution-in-cacti-rrdtool/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/3201" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SUSOTOIEJKD2IWJHN7TY56TDZJQZJUVJ/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XLZAMGTW2OSIBLYLXWHQBGWP7M4DTRS7/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202003-40" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-78" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.securitytracker.com/id/1039774 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://github.com/Cacti/cacti/issues/1071 | Exploit, Issue Tracking, Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039774 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/issues/1071 | Exploit, Issue Tracking, Patch |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.1.27:*:*:*:*:*:*:*", "matchCriteriaId": "90B513DA-BA6E-4BE9-B299-F02F3784262C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php." }, { "lang": "es", "value": "Cacti 1.1.27 tiene XSS reflejado mediante PATH_INFO en host.php." } ], "id": "CVE-2017-16785", "lastModified": "2024-11-21T03:16:58.143", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-11-10T23:29:00.447", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1039774" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Patch" ], "url": "https://github.com/Cacti/cacti/issues/1071" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB 
Entry" ], "url": "http://www.securitytracker.com/id/1039774" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Patch" ], "url": "https://github.com/Cacti/cacti/issues/1071" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.2.25:*:*:*:*:*:*:*", "matchCriteriaId": "EF5814EC-CFCB-4066-9260-FF78B45E2089", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection (SQLi) vulnerability within the SNMP Notification Receivers feature in the file `\u2018managers.php\u2019`. An authenticated attacker with the \u201cSettings/Utilities\u201d permission can send a crafted HTTP GET request to the endpoint `\u2018/cacti/managers.php\u2019` with an SQLi payload in the `\u2018selected_graphs_array\u2019` HTTP GET parameter. As of time of publication, no patched versions exist." }, { "lang": "es", "value": "Cacti proporciona un framework de monitoreo operativo y gesti\u00f3n de fallos. La versi\u00f3n 1.2.25 tiene una vulnerabilidad de inyecci\u00f3n Blind SQL (SQLi) dentro de la funci\u00f3n de receptores de notificaciones SNMP en el archivo ``managers.php\u0027\u0027. Un atacante autenticado con el permiso \"Configuraci\u00f3n/Utilidades\" puede enviar una solicitud HTTP GET manipulada al endpoint `\u0027/cacti/managers.php\u0027` con un payload SQLi en el par\u00e1metro HTTP GET `\u0027selected_graphs_array\u0027`. Al momento de la publicaci\u00f3n, no existen versiones parcheadas." 
} ], "id": "CVE-2023-51448", "lastModified": "2024-11-21T08:38:08.387", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-22T17:15:09.960", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/managers.php#L941" }, { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-w85f-7c4w-7594" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/managers.php#L941" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": 
"https://github.com/Cacti/cacti/security/advisories/GHSA-w85f-7c4w-7594" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.securitytracker.com/id/1040620 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://github.com/Cacti/cacti/issues/1457 | Exploit, Patch, Third Party Advisory | |
cve@mitre.org | https://www.cacti.net/changelog.php | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040620 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/issues/1457 | Exploit, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.cacti.net/changelog.php | Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "C92D7852-1A41-488B-AB85-52980A371CB4", "versionEndIncluding": "1.1.36", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti before 1.1.37 has XSS because the get_current_page function in lib/functions.php relies on $_SERVER[\u0027PHP_SELF\u0027] instead of $_SERVER[\u0027SCRIPT_NAME\u0027] to determine a page name." }, { "lang": "es", "value": "Cacti, en versiones anteriores a la 1.1.37, tiene Cross-Site Scripting (XSS) debido a que la funci\u00f3n get_current_page en lib/functions.php depende de $_SERVER[\u0027PHP_SELF\u0027] en lugar de $_SERVER[\u0027SCRIPT_NAME\u0027] para determinar un nombre de p\u00e1gina." } ], "id": "CVE-2018-10059", "lastModified": "2024-11-21T03:40:44.517", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-04-12T16:29:00.227", 
"references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040620" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/1457" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.cacti.net/changelog.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040620" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/1457" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.cacti.net/changelog.php" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 39 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "47529989-64EF-4CBB-AF1D-28A7C1CF36B3", "versionEndExcluding": "1.2.27", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, Cacti calls `compat_password_hash` when users set their password. `compat_password_hash` uses `password_hash` if it is available, and otherwise uses `md5`. When verifying a password, Cacti calls `compat_password_verify`. In `compat_password_verify`, `password_verify` is called if it is available; otherwise `md5` is used. `password_verify` and `password_hash` are supported on PHP \u003c 5.5.0, following PHP manual. The vulnerability is in `compat_password_verify`. The MD5 hash of the user input is compared with the correct password in the database by `$md5 == $hash`. This is a loose comparison, not `===`, which makes it a type juggling vulnerability. Version 1.2.27 contains a patch for the issue." }, { "lang": "es", "value": "Cacti proporciona un framework de monitoreo operativo y gesti\u00f3n de fallas. Antes de la versi\u00f3n 1.2.27, Cacti llama a `compat_password_hash` cuando los usuarios establecen su contrase\u00f1a. `compat_password_hash` usa `password_hash` si lo hay, de lo contrario usa `md5`. Al verificar la contrase\u00f1a, llama a `compat_password_verify`. En `compat_password_verify`, se llama a `password_verify` si existe; de lo contrario, se usa `md5`. `password_verify` y `password_hash` son compatibles con PHP \u003c 5.5.0, siguiendo el manual de PHP. La vulnerabilidad est\u00e1 en `compat_password_verify`. 
La entrada del usuario con hash Md5 se compara con la contrase\u00f1a correcta en la base de datos mediante `$md5 == $hash`. Es una comparaci\u00f3n d\u00e9bil (no estricta), no `===`. Es una vulnerabilidad de malabarismo de tipos (type juggling). La versi\u00f3n 1.2.27 contiene un parche para el problema." } ], "id": "CVE-2024-34340", "lastModified": "2024-12-18T20:44:22.890", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-05-14T15:38:39.517", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-37x7-mfjv-mm7m" }, { "source": "security-advisories@github.com", "tags": [ "Product" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-37x7-mfjv-mm7m" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", 
"tags": [ "Product" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-287" }, { "lang": "en", "value": "CWE-697" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-697" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "A2C69488-CAAE-4612-B3A3-C5789C2D772B", "versionEndIncluding": "0.8.8f", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in the host_new_graphs function in graphs_new.php in Cacti 0.8.8f and earlier allows remote authenticated users to execute arbitrary SQL commands via the cg_g parameter in a save action." }, { "lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en la funci\u00f3n host_new_graphs en graphs_new.php en Cacti 0.8.8f y versiones anteriores permite a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro cg_g en una acci\u00f3n de guardado." } ], "id": "CVE-2015-8604", "lastModified": "2024-11-21T02:38:48.040", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary" } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-11T21:59:12.570", "references": [ { 
"source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://bugs.cacti.net/view.php?id=2652" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://packetstormsecurity.com/files/135191/Cacti-0.8.8f-graphs_new.php-SQL-Injection.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://seclists.org/fulldisclosure/2016/Jan/16" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2016/dsa-3494" }, { "source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2016/01/04/8" }, { "source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2016/01/04/9" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1034573" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201607-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://bugs.cacti.net/view.php?id=2652" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://packetstormsecurity.com/files/135191/Cacti-0.8.8f-graphs_new.php-SQL-Injection.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://seclists.org/fulldisclosure/2016/Jan/16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2016/dsa-3494" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2016/01/04/8" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2016/01/04/9" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1034573" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201607-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } 
] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
cacti | cacti | * | |
fedoraproject | fedora | 19 | |
fedoraproject | fedora | 20 | |
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 | |
debian | debian_linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "D08EEA74-DEA9-4547-9028-9FE66BAF1CA3", "versionEndIncluding": "0.8.7g", "versionStartIncluding": "0.8.7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA00CF6C-501D-4212-A6C8-85644E40455C", "versionEndIncluding": "0.8.8b", "versionStartIncluding": "0.8.8", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", "matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "lib/graph_export.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors." }, { "lang": "es", "value": "lib/graph_export.php en Cacti 0.8.7g, 0.8.8b y anteriores permite a usuarios remotos autenticados ejecutar comandos arbitrarios a trav\u00e9s de metacaracteres de shell en vectores no especificados." 
} ], "evaluatorComment": "Per: https://cwe.mitre.org/data/definitions/77.html\n\n\"CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)\"", "id": "CVE-2014-2328", "lastModified": "2024-11-21T02:06:05.277", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2014-04-23T15:55:03.767", "references": [ { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "http://bugs.cacti.net/view.php?id=2433" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/59203" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Vendor Advisory" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7442" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2014/dsa-2970" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": 
"http://www.securityfocus.com/archive/1/531588" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/66387" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201509-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "http://bugs.cacti.net/view.php?id=2433" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/59203" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Vendor Advisory" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7442" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2014/dsa-2970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/531588" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/66387" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party 
Advisory" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201509-03" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 7.0 | |
cacti | cacti | * | |
cacti | cacti | 0.8 | |
cacti | cacti | 0.8.1 | |
cacti | cacti | 0.8.2 | |
cacti | cacti | 0.8.2a | |
cacti | cacti | 0.8.3 | |
cacti | cacti | 0.8.3a | |
cacti | cacti | 0.8.4 | |
cacti | cacti | 0.8.5 | |
cacti | cacti | 0.8.5a | |
cacti | cacti | 0.8.6 | |
cacti | cacti | 0.8.6a | |
cacti | cacti | 0.8.6b | |
cacti | cacti | 0.8.6c | |
cacti | cacti | 0.8.6d | |
cacti | cacti | 0.8.6e | |
cacti | cacti | 0.8.6f | |
cacti | cacti | 0.8.6g | |
cacti | cacti | 0.8.6h | |
cacti | cacti | 0.8.6i | |
cacti | cacti | 0.8.6j | |
cacti | cacti | 0.8.6k | |
cacti | cacti | 0.8.7 | |
cacti | cacti | 0.8.7a | |
cacti | cacti | 0.8.7b | |
cacti | cacti | 0.8.7c | |
cacti | cacti | 0.8.7d | |
cacti | cacti | 0.8.7e | |
cacti | cacti | 0.8.7f | |
cacti | cacti | 0.8.7g | |
cacti | cacti | 0.8.7h | |
cacti | cacti | 0.8.7i | |
cacti | cacti | 0.8.8 | |
cacti | cacti | 0.8.8a | |
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAAF93EB-D502-4210-AD60-A01FE14F077E", "versionEndIncluding": "0.8.8b", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B44E0187-3577-4770-8D76-10F64F6400B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3E6282B-B403-45AD-B1EC-82257EEA1A43", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "0936E4B2-D89C-44B3-9082-77FA369BA280", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2a:*:*:*:*:*:*:*", "matchCriteriaId": "A1257552-9117-45EE-B77C-00879E1FC67B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "BA380DC2-2392-413E-AC7A-F8B854EA3108", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3a:*:*:*:*:*:*:*", "matchCriteriaId": "B530A944-0A71-4F88-AAE6-3844364FB098", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "62C554AE-AE7A-48B1-A1FF-E8E7691EA344", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "25541421-4A87-43BF-86D7-E1377CE3C859", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5a:*:*:*:*:*:*:*", "matchCriteriaId": "301E2B13-D410-4B26-9A47-F90343F47C18", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "546CE4D8-1E2E-4DEB-9FA1-DEA05F9AAE9E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6a:*:*:*:*:*:*:*", "matchCriteriaId": "45C420D9-45EB-40EF-BB9D-BBB5BB7DA6D7", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:cacti:cacti:0.8.6b:*:*:*:*:*:*:*", "matchCriteriaId": "D5FE1D7F-5A32-4C66-8B7E-7F790F1D9AAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6c:*:*:*:*:*:*:*", "matchCriteriaId": "EE910AB1-7D04-4743-9963-BBA191EE4078", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6d:*:*:*:*:*:*:*", "matchCriteriaId": "C4290992-9EF9-41D4-8AB5-6744370A25E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6e:*:*:*:*:*:*:*", "matchCriteriaId": "E239B64D-6B94-4E77-8245-5293247F09D4", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6f:*:*:*:*:*:*:*", "matchCriteriaId": "DB41A3C5-D03A-4B1F-B841-A9F5021A59F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6g:*:*:*:*:*:*:*", "matchCriteriaId": "0F794F36-3073-43C5-A6C7-BADBCF6B735E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6h:*:*:*:*:*:*:*", "matchCriteriaId": "76CB86A0-E3A9-4A43-B98B-46654EFE21A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6i:*:*:*:*:*:*:*", "matchCriteriaId": "8D62D429-7BDE-47DE-B466-0732DAC3F70E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6j:*:*:*:*:*:*:*", "matchCriteriaId": "6893355E-2F64-416D-9AED-898E6D1123F8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6k:*:*:*:*:*:*:*", "matchCriteriaId": "9B41942D-A4A9-4916-99E6-DA36EB747BF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "191A8F3B-EDFA-47AA-B7B1-95B4C05AFD7A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7a:*:*:*:*:*:*:*", "matchCriteriaId": "7A8C1715-DCA1-4C83-B817-9366172CFC1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7b:*:*:*:*:*:*:*", "matchCriteriaId": "307B69DB-CFFB-49BA-A126-134EEE735FCC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7c:*:*:*:*:*:*:*", "matchCriteriaId": "6532CB60-B8FA-418D-B077-FCC4EE24C1A9", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:cacti:cacti:0.8.7d:*:*:*:*:*:*:*", "matchCriteriaId": "2B53567F-C65B-4E1F-BBF7-4F55C845A83A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7e:*:*:*:*:*:*:*", "matchCriteriaId": "CB3DC32A-09AF-4DC9-A78E-E951847B76A8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7f:*:*:*:*:*:*:*", "matchCriteriaId": "6537BC21-D7C5-4EEB-BE7A-D1C9A27E290D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7g:*:*:*:*:*:*:*", "matchCriteriaId": "F9C0E835-9CB2-4700-8216-EC2F1BCB4CB6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7h:*:*:*:*:*:*:*", "matchCriteriaId": "9E0D40E1-6A0F-4AE7-97A5-D2230BBF4FF4", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7i:*:*:*:*:*:*:*", "matchCriteriaId": "6FC44FEA-FB88-4620-B200-E188C7A2BFAA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "5DABFA50-3C45-4841-945B-FBC40B9C94B7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.8a:*:*:*:*:*:*:*", "matchCriteriaId": "ACD91588-5963-4CDE-8C51-B2B4C75C1628", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in cacti/host.php in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter." }, { "lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en cacti/host.php en Cacti v0.8.8b y anteriores, permite a atacantes remotos ejecutar comandos SQL a trav\u00e9s del par\u00e1metro \"id\"." 
} ], "id": "CVE-2013-5589", "lastModified": "2024-11-21T01:57:45.283", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2013-08-29T12:07:56.123", "references": [ { "source": "security@debian.org", "tags": [ "Issue Tracking", "Patch" ], "url": "http://bugs.cacti.net/view.php?id=2383" }, { "source": "security@debian.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "source": "security@debian.org", "url": "http://secunia.com/advisories/54652" }, { "source": "security@debian.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2013/dsa-2747" }, { "source": "security@debian.org", "url": "http://www.securityfocus.com/bid/62005" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch" ], "url": "http://bugs.cacti.net/view.php?id=2383" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/54652" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2013/dsa-2747" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/62005" } ], "sourceIdentifier": "security@debian.org", "vulnStatus": 
"Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 39 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "47529989-64EF-4CBB-AF1D-28A7C1CF36B3", "versionEndExcluding": "1.2.27", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, there is a file inclusion issue in the `lib/plugin.php` file. Combined with SQL injection vulnerabilities, remote code execution can be implemented. There is a file inclusion issue with the `api_plugin_hook()` function in the `lib/plugin.php` file, which reads the plugin_hooks and plugin_config tables in database. The read data is directly used to concatenate the file path which is used for file inclusion. Version 1.2.27 contains a patch for the issue." }, { "lang": "es", "value": "Cacti proporciona un framework de monitoreo operativo y gesti\u00f3n de fallas. Antes de la versi\u00f3n 1.2.27, hab\u00eda un problema de inclusi\u00f3n de archivos en el archivo `lib/plugin.php`. Combinado con vulnerabilidades de inyecci\u00f3n SQL, se puede implementar la ejecuci\u00f3n remota de c\u00f3digo. Hay un problema de inclusi\u00f3n de archivos con la funci\u00f3n `api_plugin_hook()` en el archivo `lib/plugin.php`, que lee las tablas plugin_hooks y plugin_config en la base de datos. Los datos le\u00eddos se utilizan directamente para concatenar la ruta del archivo que se utiliza para la inclusi\u00f3n del archivo. La versi\u00f3n 1.2.27 contiene un parche para el problema." 
} ], "id": "CVE-2024-31459", "lastModified": "2024-12-18T20:49:57.357", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.3, "impactScore": 6.0, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-05-14T15:25:26.110", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv" }, { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r" }, { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-pfh9-gwm6-86vp" }, { "source": "security-advisories@github.com", "tags": [ "Product" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv" 
}, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-pfh9-gwm6-86vp" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-98" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "D08EEA74-DEA9-4547-9028-9FE66BAF1CA3", "versionEndIncluding": "0.8.7g", "versionStartIncluding": "0.8.7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA00CF6C-501D-4212-A6C8-85644E40455C", "versionEndIncluding": "0.8.8b", "versionStartIncluding": "0.8.8", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to hijack the authentication of users for unspecified commands, as demonstrated by requests that (1) modify binary files, (2) modify configurations, or (3) add arbitrary users." }, { "lang": "es", "value": "Vulnerabilidad de CSRF en Cacti 0.8.7g, 0.8.8b y anteriores permite a atacantes remotos secuestrar la autenticaci\u00f3n de usuarios para comandos no especificados, tal y como fue demostrado por solicitudes que (1)modifican archivos binarios, (2) modifican configuraciones o (3) a\u00f1aden usuarios arbitrarios." 
} ], "id": "CVE-2014-2327", "lastModified": "2024-11-21T02:06:05.120", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2014-04-23T15:55:03.390", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://jvn.jp/en/jp/JVN55076671/index.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-002239.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/59203" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2014/dsa-2970" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/531588" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/66392" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201509-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB 
Entry" ], "url": "http://jvn.jp/en/jp/JVN55076671/index.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-002239.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/59203" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2014/dsa-2970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/531588" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/66392" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201509-03" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-352" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/Cacti/cacti/issues/1066 | Exploit, Issue Tracking, Patch | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/issues/1066 | Exploit, Issue Tracking, Patch |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.1.27:*:*:*:*:*:*:*", "matchCriteriaId": "90B513DA-BA6E-4BE9-B299-F02F3784262C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remote_agent.php request containing PHP code in a Client-ip header." }, { "lang": "es", "value": "La versi\u00f3n 1.1.27 de Cacti permite que administradores remotos autenticados lleven a cabo ataques de ejecuci\u00f3n remota de c\u00f3digo colocando la ruta de acceso a registros bajo la ra\u00edz web y, a continuaci\u00f3n, realizando una petici\u00f3n remote_agent.php que contenga c\u00f3digo PHP en una cabecera Client-ip." } ], "id": "CVE-2017-16660", "lastModified": "2024-11-21T03:16:46.620", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", 
"type": "Primary" } ] }, "published": "2017-11-08T05:29:00.247", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Patch" ], "url": "https://github.com/Cacti/cacti/issues/1066" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Patch" ], "url": "https://github.com/Cacti/cacti/issues/1066" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-668" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/Cacti/cacti/issues/3186 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/issues/3186 | Exploit, Issue Tracking, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "2D05824B-4E66-44CA-A862-0DDDB23C8C88", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [ { "sourceIdentifier": "cve@mitre.org", "tags": [ "disputed" ] } ], "descriptions": [ { "lang": "en", "value": "data_input.php in Cacti 1.2.8 allows remote code execution via a crafted Input String to Data Collection -\u003e Data Input Methods -\u003e Unix -\u003e Ping Host. NOTE: the vendor has stated \"This is a false alarm.\"" }, { "lang": "es", "value": "** EN DISPUTA** el archivo data_input.php en Cacti versi\u00f3n 1.2.8, permite una ejecuci\u00f3n de c\u00f3digo remota por medio de una Cadena de Entrada dise\u00f1ada en Data Collection -\u003e Data Input Methods -\u003e Unix -\u003e Ping Host. NOTA: el vendedor ha declarado \"Esto es una falsa alarma\"." } ], "id": "CVE-2020-7058", "lastModified": "2024-11-21T05:36:35.013", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": 
"nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-01-15T07:15:12.927", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/3186" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/3186" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 37 | |
fedoraproject | fedora | 38 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8", "versionEndExcluding": "1.2.25", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_\u0027s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim\u0027s browser at view-time. The script under `host.php` is used to monitor and manage hosts in the _cacti_ app, hence displays useful information such as data queries and verbose logs. _CENSUS_ found that an adversary that is able to configure a data-query template with malicious code appended in the template path, in order to deploy a stored XSS attack against any user with the _General Administration\u003eSites/Devices/Data_ privileges. A user that possesses the _Template Editor\u003eData Queries_ permissions can configure the data query template path in _cacti_. Please note that such a user may be a low privileged user. This configuration occurs through `http://\u003cHOST\u003e/cacti/data_queries.php` by editing an existing or adding a new data query template. If a template is linked to a device then the formatted template path will be rendered in the device\u0027s management page, when a _verbose data query_ is requested. 
This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output." }, { "lang": "es", "value": "Cacti es un framework de monitorizaci\u00f3n operativa y gesti\u00f3n de fallos de c\u00f3digo abierto. Las versiones afectadas est\u00e1n sujetas a una vulnerabilidad de Cross-Site Scripting (XSS) almacenado que permite a un usuario autenticado envenenar a los datos almacenados en la base de datos de cacti. Estos datos ser\u00e1n visualizados por las cuentas administrativas de cacti y ejecutar\u00e1n c\u00f3digo JavaScript en el navegador de la v\u00edctima en tiempo de visualizaci\u00f3n. El script bajo `host.php` se utiliza para monitorear y administrar hosts en la aplicaci\u00f3n _cacti_, por lo que muestra informaci\u00f3n \u00fatil, como consultas de datos y registros detallados. _CENSUS_ descubri\u00f3 que un adversario es capaz de configurar una plantilla de consulta de datos con c\u00f3digo malicioso a\u00f1adido en la ruta de la plantilla, para implementar un ataque XSS almacenado contra cualquier usuario con privilegios de _Administraci\u00f3n general\u003eSitios/Dispositivos/Datos_. Un usuario que posee los permisos _Editor de plantillas\u003eConsultas de datos_ puede configurar la ruta de la plantilla de consulta de datos en _cacti_. Tenga en cuenta que dicho usuario puede ser un usuario con pocos privilegios. Esta configuraci\u00f3n se produce a trav\u00e9s de `http://\u003cHOST\u003e/cacti/data_queries.php` editando una plantilla de consulta de datos existente o agregando una nueva. Si una plantilla est\u00e1 vinculada a un dispositivo, la ruta de la plantilla formateada se mostrar\u00e1 en la p\u00e1gina de administraci\u00f3n del dispositivo, cuando se solicite una _consulta de datos detallada_. Esta vulnerabilidad se ha solucionado en la versi\u00f3n 1.2.25. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deben filtrar manualmente la salida HTML." 
} ], "id": "CVE-2023-39513", "lastModified": "2024-11-21T08:15:34.453", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 0.9, "impactScore": 5.2, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-09-05T21:15:47.213", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-9fj7-8f2j-2rw2" }, { "source": "security-advisories@github.com", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": 
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "security-advisories@github.com", "url": "https://www.debian.org/security/2023/dsa-5550" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-9fj7-8f2j-2rw2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.debian.org/security/2023/dsa-5550" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "0BADE3A0-FB6D-42BD-9BAF-CB6BF20CE47F", "versionEndIncluding": "0.8.8g", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in graph_view.php in Cacti 0.8.8.g allows remote authenticated users to execute arbitrary SQL commands via the host_group_data parameter." }, { "lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en graph_view.php en Cacti 0.8.8.g permite a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro host_group_data." } ], "id": "CVE-2016-3659", "lastModified": "2024-11-21T02:50:28.580", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary" } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-04-11T15:59:07.657", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://bugs.cacti.net/view.php?id=2673" }, { "source": 
"cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00074.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://packetstormsecurity.com/files/136547/Cacti-0.8.8g-SQL-Injection.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://seclists.org/fulldisclosure/2016/Apr/4" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/85806" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201607-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://bugs.cacti.net/view.php?id=2673" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00074.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://packetstormsecurity.com/files/136547/Cacti-0.8.8g-SQL-Injection.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://seclists.org/fulldisclosure/2016/Apr/4" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/85806" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201607-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.securitytracker.com/id/1040620 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://github.com/Cacti/cacti/issues/1457 | Exploit, Patch, Third Party Advisory | |
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html | Mailing List, Third Party Advisory | |
cve@mitre.org | https://www.cacti.net/changelog.php | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040620 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Cacti/cacti/issues/1457 | Exploit, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.cacti.net/changelog.php | Release Notes, Vendor Advisory |
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
debian | debian_linux | 9.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "C92D7852-1A41-488B-AB85-52980A371CB4", "versionEndIncluding": "1.1.36", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti before 1.1.37 has XSS because it makes certain htmlspecialchars calls without the ENT_QUOTES flag (these calls occur when the html_escape function in lib/html.php is not used)." }, { "lang": "es", "value": "Cacti, en versiones anteriores a la 1.1.37, tiene Cross-Site Scripting (XSS) debido a que realiza ciertas llamadas htmlspecialchars sin la marca ENT_QUOTES (estas llamadas ocurren cuando no se emplea la funci\u00f3n html_escape en lib/html.php)." } ], "id": "CVE-2018-10061", "lastModified": "2024-11-21T03:40:44.840", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": 
"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-04-12T16:29:00.353", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040620" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/1457" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" }, { "source": "cve@mitre.org", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://www.cacti.net/changelog.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040620" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/1457" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://www.cacti.net/changelog.php" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 37 | |
fedoraproject | fedora | 38 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8", "versionEndExcluding": "1.2.25", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. An authenticated SQL injection vulnerability was discovered which allows authenticated users to perform privilege escalation and remote code execution. The vulnerability resides in the `reports_user.php` file. In `ajax_get_branches`, the `tree_id` parameter is passed to the `reports_get_branch_select` function without any validation. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability." }, { "lang": "es", "value": "Cacti es un framework de monitorizaci\u00f3n operativa y gesti\u00f3n de fallos de c\u00f3digo abierto. Se descubri\u00f3 una vulnerabilidad de inyecci\u00f3n SQL autenticada que permite a los usuarios autenticados realizar una escalada de privilegios y la ejecuci\u00f3n remota de c\u00f3digo. La vulnerabilidad reside en el archivo `reports_user.php`. En `ajax_get_branches` el par\u00e1metro `tree_id` pasa por la funci\u00f3n `reports_get_branch_select` sin ninguna validaci\u00f3n.Este problema se ha solucionado en la versi\u00f3n 1.2.25. Se recomienda a los usuarios que actualicen. No se conocen soluciones para esta vulnerabilidad." 
} ], "id": "CVE-2023-39358", "lastModified": "2024-11-21T08:15:13.997", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-09-05T22:15:08.733", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-gj95-7xr8-9p7g" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": 
"https://github.com/Cacti/cacti/security/advisories/GHSA-gj95-7xr8-9p7g" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 37 | |
fedoraproject | fedora | 38 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8", "versionEndExcluding": "1.2.25", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_\u0027s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim\u0027s browser at view-time. The script under `data_sources.php` displays the data source management information (e.g. data source path, polling configuration, device name related to the datasource etc.) for different data visualizations of the _cacti_ app. _CENSUS_ found that an adversary that is able to configure a malicious device name, can deploy a stored XSS attack against any user of the same (or broader) privileges. A user that possesses the _General Administration\u003eSites/Devices/Data_ permissions can configure the device names in _cacti_. This configuration occurs through `http://\u003cHOST\u003e/cacti/host.php`, while the rendered malicious payload is exhibited at `http://\u003cHOST\u003e/cacti/data_sources.php`. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output." 
}, { "lang": "es", "value": "Cacti es un framework de monitorizaci\u00f3n operativo y gesti\u00f3n de fallos de c\u00f3digo abierto. Las versiones afectadas est\u00e1n sujetas a una vulnerabilidad de Cross-Site Scripting (XSS) almacenado que permite a un usuario autenticado envenenar los datos almacenados en la base de datos de _cacti_. Estos datos ser\u00e1n vistos por las cuentas administrativas de _cacti_ y ejecutar\u00e1n c\u00f3digo JavaScript en el navegador de la v\u00edctima en tiempo de visualizaci\u00f3n. El script bajo \"data_sources.php\" muestra la informaci\u00f3n de gesti\u00f3n de la fuente de datos (por ejemplo, ruta de la fuente de datos, configuraci\u00f3n de sondeo, nombre del dispositivo relacionado con la fuente de datos, etc.) para diferentes visualizaciones de datos de la aplicaci\u00f3n _cacti_. _CENSUS_ descubri\u00f3 que un adversario que es capaz de configurar un nombre de dispositivo malicioso, puede desplegar un ataque de XSS almacenado contra cualquier usuario con los mismos privilegios (o m\u00e1s amplios). Un usuario que posea los permisos de _Administraci\u00f3n General - Sitios/Dispositivos/Datos_ puede configurar los nombres de los dispositivos en _cacti_. Esta configuraci\u00f3n se produce a trav\u00e9s de \"http://\u003cHOST\u003e/cacti/host.php\", mientras que el payload malicioso renderizado se exhibe en \"http://\u003cHOST\u003e/cacti/data_sources.php\". Esta vulnerabilidad se ha solucionado en la versi\u00f3n 1.2.25. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deber\u00e1n filtrar manualmente la salida HTML." 
} ], "id": "CVE-2023-39512", "lastModified": "2024-11-21T08:15:34.313", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 0.9, "impactScore": 5.2, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-09-05T21:15:47.127", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-vqcc-5v63-g9q7" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "security-advisories@github.com", "url": 
"https://www.debian.org/security/2023/dsa-5550" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-vqcc-5v63-g9q7" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.debian.org/security/2023/dsa-5550" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | 1.2.24 | |
fedoraproject | fedora | 37 | |
fedoraproject | fedora | 38 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.2.24:*:*:*:*:*:*:*", "matchCriteriaId": "F28D6ED7-B38C-4E5F-B623-73D0FF93C720", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, users with console access can be redirected to an arbitrary website after a password change performed via a specially crafted URL. The `auth_changepassword.php` file accepts `ref` as a URL parameter and reflects it in the form used to perform the password change. Its value is used to perform a redirect via the PHP `header` function. A user can be tricked into performing the password change operation, e.g., via a phishing message, and then interacting with the malicious website where the redirection has been performed, e.g., downloading malware, providing credentials, etc. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability." }, { "lang": "es", "value": "Cacti es un framework de gesti\u00f3n de fallas y monitoreo operativo de c\u00f3digo abierto. En Cacti 1.2.24, los usuarios con acceso a la consola pueden ser redirigidos a un sitio web arbitrario despu\u00e9s de realizar un cambio de contrase\u00f1a a trav\u00e9s de una URL espec\u00edficamente manipulada. El archivo `auth_changepassword.php` acepta `ref` como par\u00e1metro de URL y lo refleja en el formulario utilizado para realizar el cambio de contrase\u00f1a. 
Su valor se utiliza para realizar una redirecci\u00f3n a trav\u00e9s de la funci\u00f3n PHP \"header\". Se puede enga\u00f1ar a un usuario para que realice la operaci\u00f3n de cambio de contrase\u00f1a, por ejemplo, mediante un mensaje de phishing, y luego interact\u00fae con el sitio web malicioso donde se realiz\u00f3 la redirecci\u00f3n, por ejemplo, descargando malware, proporcionando credenciales, etc. Este problema se ha solucionado en la versi\u00f3n 1.2.25. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad." } ], "id": "CVE-2023-39364", "lastModified": "2024-11-21T08:15:14.870", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.1, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-09-05T22:15:08.910", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-4pjv-rmrp-r59x" }, { "source": "security-advisories@github.com", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": 
"security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "security-advisories@github.com", "url": "https://www.debian.org/security/2023/dsa-5550" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-4pjv-rmrp-r59x" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.debian.org/security/2023/dsa-5550" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-601" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.2.25:*:*:*:*:*:*:*", "matchCriteriaId": "EF5814EC-CFCB-4066-9260-FF78B45E2089", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). While using the detected SQL Injection and insufficient processing of the include file path, it is possible to execute arbitrary code on the server. Exploitation of the vulnerability is possible for an authorized user. The vulnerable component is `link.php`. The impact of the vulnerability is execution of arbitrary code on the server." }, { "lang": "es", "value": "Cacti es un framework robusto de gesti\u00f3n de fallos y rendimiento y una interfaz para RRDTool - a Time Series Database (TSDB). Al utilizar la inyecci\u00f3n SQL detectada y el procesamiento insuficiente de la ruta del archivo incluido, es posible ejecutar c\u00f3digo arbitrario en el servidor. La explotaci\u00f3n de la vulnerabilidad es posible para un usuario autorizado. El componente vulnerable es `link.php`. El impacto de la vulnerabilidad es la ejecuci\u00f3n de c\u00f3digo arbitrario en el servidor." 
} ], "id": "CVE-2023-49084", "lastModified": "2024-11-21T08:32:47.303", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.3, "impactScore": 6.0, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-21T23:15:09.337", "references": [ { "source": "security-advisories@github.com", "url": "http://packetstormsecurity.com/files/176995/Cacti-pollers.php-SQL-Injection-Remote-Code-Execution.html" }, { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-pfh9-gwm6-86vp" }, { "source": "security-advisories@github.com", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://packetstormsecurity.com/files/176995/Cacti-pollers.php-SQL-Injection-Remote-Code-Execution.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor 
Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-pfh9-gwm6-86vp" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-98" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "1C7FEEA7-B141-4E6E-8B73-4DFF4844A341", "versionEndExcluding": "1.2.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A cross-site scripting (XSS) vulnerability exists in host.php (via tree.php) in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname field for Devices." }, { "lang": "es", "value": "Existe una vulnerabilidad Cross-Site Scripting (XSS) en host.php (mediante tree.php) en Cacti, en versiones anteriores a la 1.2.0, debido a la falta de escapado de caracteres no planeados en el campo Website Hostname de Devices." } ], "id": "CVE-2018-20726", "lastModified": "2024-11-21T04:02:02.620", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-01-16T16:29:00.697", "references": [ { "source": "cve@mitre.org", "url": 
"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "source": "cve@mitre.org", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/2213" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/2213" } ], "sourceIdentifier": 
"cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:0.8.8b:*:*:*:*:*:*:*", "matchCriteriaId": "25C92A47-E876-481D-83DB-0B547F0C101E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a (1) Graph Tree Title in a delete or (2) edit action; (3) CDEF Name, (4) Data Input Method Name, or (5) Host Templates Name in a delete action; (6) Data Source Title; (7) Graph Title; or (8) Graph Template Name in a delete or (9) duplicate action." }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de XSS en Cacti 0.8.8b permiten a usuarios remotos autenticados con acceso a la consola inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de (1) un t\u00edtulo de \u00e1rbol de gr\u00e1fico en una acci\u00f3n de eliminaci\u00f3n o (2) de editar; (3) CDEF Name, (4) Data Input Method Name, o (5) Host Templates Name en una acci\u00f3n de eliminaci\u00f3n; (6) Data Source Title; (7) Graph Title; or (8) Graph Template Name en una acci\u00f3n de eliminaci\u00f3n o (9) duplicar." 
} ], "id": "CVE-2014-5026", "lastModified": "2024-11-21T02:11:18.713", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2014-10-20T17:55:06.197", "references": [ { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "http://bugs.cacti.net/view.php?id=2456" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://seclists.org/oss-sec/2014/q3/244" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2014/dsa-3007" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2014/07/22/9" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/68759" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94816" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201509-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "http://bugs.cacti.net/view.php?id=2456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": 
"http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://seclists.org/oss-sec/2014/q3/244" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2014/dsa-3007" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2014/07/22/9" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/68759" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94816" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201509-03" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 37 | |
fedoraproject | fedora | 38 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8", "versionEndExcluding": "1.2.25", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. An authenticated SQL injection vulnerability was discovered which allows authenticated users to perform privilege escalation and remote code execution. The vulnerability resides in the `graphs.php` file. When dealing with the cases of ajax_hosts and ajax_hosts_noany, if the `site_id` parameter is greater than 0, it is directly reflected in the WHERE clause of the SQL statement. This creates an SQL injection vulnerability. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability." }, { "lang": "es", "value": "Cacti es un framework de monitorizaci\u00f3n operativa y gesti\u00f3n de fallos de c\u00f3digo abierto. Se ha descubierto una vulnerabilidad de inyecci\u00f3n SQL autenticada que permite a los usuarios autenticados realizar escalada de privilegios y ejecuci\u00f3n remota de c\u00f3digo. La vulnerabilidad reside en el archivo `graphs.php`. Cuando se trata de los casos de ajax_hosts y ajax_hosts_noany, si el par\u00e1metro `site_id` es mayor a 0, se refleja directamente en la cl\u00e1usula WHERE de la declaraci\u00f3n SQL. Esto crea una vulnerabilidad de inyecci\u00f3n SQL. 
Este problema se solucion\u00f3 en la versi\u00f3n 1.2.25. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad." } ], "id": "CVE-2023-39359", "lastModified": "2024-11-21T08:15:14.143", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-09-05T21:15:46.143", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-q4wh-3f9w-836h" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "security-advisories@github.com", "tags": [ "Mailing List" ], "url": 
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "security-advisories@github.com", "url": "https://www.debian.org/security/2023/dsa-5550" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-q4wh-3f9w-836h" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.debian.org/security/2023/dsa-5550" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 39 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "47529989-64EF-4CBB-AF1D-28A7C1CF36B3", "versionEndExcluding": "1.2.27", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. Versions of Cacti prior to 1.2.27 contain a residual cross-site scripting vulnerability caused by an incomplete fix for CVE-2023-50250. `raise_message_javascript` from `lib/functions.php` now uses purify.js to fix CVE-2023-50250 (among others). However, it still generates the code out of unescaped PHP variables `$title` and `$header`. If those variables contain single quotes, they can be used to inject JavaScript code. An attacker exploiting this vulnerability could execute actions on behalf of other users. This ability to impersonate users could lead to unauthorized changes to settings. Version 1.2.27 fixes this issue." }, { "lang": "es", "value": "Cacti proporciona un framework de monitoreo operativo y gesti\u00f3n de fallas. Las versiones de Cacti anteriores a la 1.2.27 contienen una vulnerabilidad residual de Cross Site Scripting causada por una soluci\u00f3n incompleta para CVE-2023-50250. `raise_message_javascript` de `lib/functions.php` ahora usa purify.js para corregir CVE-2023-50250 (entre otros). Sin embargo, todav\u00eda genera el c\u00f3digo a partir de las variables PHP sin escape `$title` y `$header`. Si esas variables contienen comillas simples, se pueden usar para inyectar c\u00f3digo JavaScript. Un atacante que aproveche esta vulnerabilidad podr\u00eda ejecutar acciones en nombre de otros usuarios. 
Esta capacidad de hacerse pasar por usuarios podr\u00eda dar lugar a cambios no autorizados en la configuraci\u00f3n. La versi\u00f3n 1.2.27 soluciona este problema." } ], "id": "CVE-2024-29894", "lastModified": "2024-12-18T21:10:38.887", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-05-14T15:17:14.577", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-grj5-8fcj-34gh" }, { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-xwqc-7jc4-xm73" }, { "source": "security-advisories@github.com", "tags": [ "Product" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": 
"https://github.com/Cacti/cacti/security/advisories/GHSA-grj5-8fcj-34gh" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-xwqc-7jc4-xm73" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" }, { "lang": "en", "value": "CWE-116" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
cacti | cacti | * | |
debian | debian_linux | 7.0 | |
debian | debian_linux | 8.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "D08EEA74-DEA9-4547-9028-9FE66BAF1CA3", "versionEndIncluding": "0.8.7g", "versionStartIncluding": "0.8.7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA00CF6C-501D-4212-A6C8-85644E40455C", "versionEndIncluding": "0.8.8b", "versionStartIncluding": "0.8.8", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "lib/rrd.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified parameters." }, { "lang": "es", "value": "lib/rrd.php en Cacti 0.8.7g, 0.8.8b y anteriores permite a atacantes remotos ejecutar comandos arbitrarios a trav\u00e9s de metacaracteres de shell en par\u00e1metros no especificados." 
} ], "evaluatorComment": "Per: https://cwe.mitre.org/data/definitions/77.html\n\n\"CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)\"", "id": "CVE-2014-2709", "lastModified": "2024-11-21T02:06:48.380", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2014-04-23T15:55:04.360", "references": [ { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://seclists.org/oss-sec/2014/q2/15" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/57647" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/59203" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7439" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2014/dsa-2970" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/66630" }, { "source": 
"cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201509-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://seclists.org/oss-sec/2014/q2/15" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/57647" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/59203" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://svn.cacti.net/viewvc?view=rev\u0026revision=7439" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2014/dsa-2970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/66630" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201509-03" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": 
"Primary" } ] }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-007/ | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-007/ | Mailing List, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:0.8.8b:*:*:*:*:*:*:*", "matchCriteriaId": "25C92A47-E876-481D-83DB-0B547F0C101E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-Site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the parent_id parameter to tree.php and drp_action parameter to data_sources.php." }, { "lang": "es", "value": "Una vulnerabilidad de tipo Cross-Site scripting (XSS) en Cacti versi\u00f3n 0.8.8b, permite a los atacantes remotos inyectar script web o HTML arbitrario por medio del par\u00e1metro parent_id en archivo tree.php y par\u00e1metro drp_action en archivo data_sources.php." } ], "id": "CVE-2017-1000032", "lastModified": "2024-11-21T03:04:00.833", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-07-17T13:18:16.983", "references": [ {
"source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-007/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-007/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | https://www.cacti.net/info/changelog | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.cacti.net/info/changelog | Release Notes, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.1.38:*:*:*:*:*:*:*", "matchCriteriaId": "FEFA713C-B4BF-4F75-BF58-68904DC58CB6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary HTML in the group_prefix field during the creation of a new group via \"Copy\" method at user_group_admin.php." }, { "lang": "es", "value": "Cacti versi\u00f3n 1.1.38, permite a usuarios autenticados con permisos de administraci\u00f3n de usuarios inyectar HTML arbitrario en el campo group_prefix durante la creaci\u00f3n de un nuevo grupo por medio del m\u00e9todo \"Copy\" en el archivo user_group_admin.php" } ], "id": "CVE-2021-3816", "lastModified": "2024-11-21T06:22:31.437", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-01-19T21:15:08.497", "references": [ { "source": 
"secalert@redhat.com", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://www.cacti.net/info/changelog" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://www.cacti.net/info/changelog" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "secalert@redhat.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
{ "cisaActionDue": "2023-03-09", "cisaExploitAdd": "2023-02-16", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Cacti Command Injection Vulnerability", "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "B252EEC1-25BE-428B-96CA-22A0E812D3BA", "versionEndExcluding": "1.2.23", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored device. The vulnerability resides in the `remote_agent.php` file. This file can be accessed without authentication. This function retrieves the IP address of the client via `get_client_addr` and resolves this IP address to the corresponding hostname via `gethostbyaddr`. After this, it is verified that an entry within the `poller` table exists, where the hostname corresponds to the resolved hostname. If such an entry was found, the function returns `true` and the client is authorized. This authorization can be bypassed due to the implementation of the `get_client_addr` function. The function is defined in the file `lib/functions.php` and checks several `$_SERVER` variables to determine the IP address of the client. The variables beginning with `HTTP_` can be arbitrarily set by an attacker. Since there is a default entry in the `poller` table with the hostname of the server running Cacti, an attacker can bypass the authentication e.g. by providing the header `Forwarded-For: \u003cTARGETIP\u003e`. This way the function `get_client_addr` returns the IP address of the server running Cacti.
The following call to `gethostbyaddr` will resolve this IP address to the hostname of the server, which will pass the `poller` hostname check because of the default entry. After the authorization of the `remote_agent.php` file is bypassed, an attacker can trigger different actions. One of these actions is called `polldata`. The called function `poll_for_data` retrieves a few request parameters and loads the corresponding `poller_item` entries from the database. If the `action` of a `poller_item` equals `POLLER_ACTION_SCRIPT_PHP`, the function `proc_open` is used to execute a PHP script. The attacker-controlled parameter `$poller_id` is retrieved via the function `get_nfilter_request_var`, which allows arbitrary strings. This variable is later inserted into the string passed to `proc_open`, which leads to a command injection vulnerability. By e.g. providing the `poller_id=;id` the `id` command is executed. In order to reach the vulnerable call, the attacker must provide a `host_id` and `local_data_id`, where the `action` of the corresponding `poller_item` is set to `POLLER_ACTION_SCRIPT_PHP`. Both of these ids (`host_id` and `local_data_id`) can easily be bruteforced. The only requirement is that a `poller_item` with an `POLLER_ACTION_SCRIPT_PHP` action exists. This is very likely on a productive instance because this action is added by some predefined templates like `Device - Uptime` or `Device - Polling Time`.\n\nThis command injection vulnerability allows an unauthenticated user to execute arbitrary commands if a `poller_item` with the `action` type `POLLER_ACTION_SCRIPT_PHP` (`2`) is configured. The authorization bypass should be prevented by not allowing an attacker to make `get_client_addr` (file `lib/functions.php`) return an arbitrary IP address. This could be done by not honoring the `HTTP_...` `$_SERVER` variables. If these should be kept for compatibility reasons it should at least be prevented to fake the IP address of the server running Cacti. 
This vulnerability has been addressed in both the 1.2.x and 1.3.x release branches with `1.2.23` being the first release containing the patch." }, { "lang": "es", "value": "Cacti es una plataforma de c\u00f3digo abierto que proporciona un framework de gesti\u00f3n de fallos y supervisi\u00f3n operativa robusta y extensible para los usuarios. En las versiones afectadas, una vulnerabilidad de inyecci\u00f3n de comandos permite a un usuario no autenticado ejecutar c\u00f3digo arbitrario en un servidor que ejecuta Cacti, si se seleccion\u00f3 una fuente de datos espec\u00edfica para cualquier dispositivo monitoreado. La vulnerabilidad reside en el archivo `remote_agent.php`. Se puede acceder a este archivo sin autenticaci\u00f3n. Esta funci\u00f3n recupera la direcci\u00f3n IP del cliente a trav\u00e9s de `get_client_addr` y resuelve esta direcci\u00f3n IP en el nombre de host correspondiente a trav\u00e9s de `gethostbyaddr`. Despu\u00e9s de esto, se verifica que existe una entrada dentro de la tabla `poller`, donde el nombre de host corresponde al nombre de host resuelto. Si se encuentra dicha entrada, la funci\u00f3n devuelve \"verdadero\" y el cliente est\u00e1 autorizado. Esta autorizaci\u00f3n se puede omitir debido a la implementaci\u00f3n de la funci\u00f3n `get_client_addr`. La funci\u00f3n se define en el archivo `lib/functions.php` y verifica varias variables `$_SERVER` para determinar la direcci\u00f3n IP del cliente. Un atacante puede establecer arbitrariamente las variables que comienzan con `HTTP_`. Dado que hay una entrada predeterminada en la tabla `poller` con el nombre de host del servidor que ejecuta Cacti, un atacante puede omitir la autenticaci\u00f3n, por ejemplo, proporcionando el encabezado `Forwarded-For: `. De esta forma, la funci\u00f3n `get_client_addr` devuelve la direcci\u00f3n IP del servidor que ejecuta Cacti.
La siguiente llamada a `gethostbyaddr` resolver\u00e1 esta direcci\u00f3n IP en el nombre de host del servidor, que pasar\u00e1 la verificaci\u00f3n del nombre de host `poller` debido a la entrada predeterminada. Despu\u00e9s de omitir la autorizaci\u00f3n del archivo `remote_agent.php`, un atacante puede desencadenar diferentes acciones. Una de estas acciones se llama \"polldata\". La funci\u00f3n llamada `poll_for_data` recupera algunos par\u00e1metros de solicitud y carga las entradas correspondientes de `poller_item` de la base de datos. Si la `acci\u00f3n` de un `poller_item` es igual a `POLLER_ACTION_SCRIPT_PHP`, la funci\u00f3n `proc_open` se usa para ejecutar un script PHP. El par\u00e1metro controlado por el atacante `$poller_id` se recupera mediante la funci\u00f3n `get_nfilter_request_var`, que permite cadenas arbitrarias. Esta variable luego se inserta en la cadena pasada a `proc_open`, lo que genera una vulnerabilidad de inyecci\u00f3n de comando. Por ejemplo, al proporcionar `poller_id=;id`, se ejecuta el comando `id`. Para llegar a la llamada vulnerable, el atacante debe proporcionar un `host_id` y un `local_data_id`, donde la `acci\u00f3n` del `poller_item` correspondiente est\u00e1 configurada en `POLLER_ACTION_SCRIPT_PHP`. Ambos identificadores (`host_id` y `local_data_id`) pueden ser f\u00e1cilmente forzados por fuerza bruta. El \u00fanico requisito es que exista un `poller_item` con una acci\u00f3n `POLLER_ACTION_SCRIPT_PHP`. Es muy probable que esto ocurra en una instancia productiva porque esta acci\u00f3n se agrega mediante algunas plantillas predefinidas como \"Device - Uptime` o \"Dispositivo - Polling Time\". Esta vulnerabilidad de inyecci\u00f3n de comandos permite a un usuario no autenticado ejecutar comandos arbitrarios si se configura un `poller_item` con el tipo `action` `POLLER_ACTION_SCRIPT_PHP` (`2`). 
La omisi\u00f3n de autorizaci\u00f3n debe evitarse al no permitir que un atacante haga que `get_client_addr` (archivo `lib/functions.php`) devuelva una direcci\u00f3n IP arbitraria. Esto podr\u00eda hacerse al no respetar las variables `HTTP_...` `$_SERVER`. Si se deben conservar por razones de compatibilidad, al menos se debe evitar falsificar la direcci\u00f3n IP del servidor que ejecuta Cacti. Esta vulnerabilidad se ha solucionado en las versiones 1.2.x y 1.3.x, siendo `1.2.23` la primera versi\u00f3n que contiene el parche." } ], "id": "CVE-2022-46169", "lastModified": "2024-11-21T07:30:14.963", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-12-05T21:15:10.527", "references": [ { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/7f0e16312dd5ce20f93744ef8b9c3b0f1ece2216" }, { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": 
"https://github.com/Cacti/cacti/commit/a8d59e8fa5f0054aa9c6981b1cbe30ef0e2a0ec9" }, { "source": "security-advisories@github.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/b43f13ae7f1e6bfe4e8e56a80a7cd867cf2db52b" }, { "source": "security-advisories@github.com", "tags": [ "Exploit", "Mitigation", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/7f0e16312dd5ce20f93744ef8b9c3b0f1ece2216" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/a8d59e8fa5f0054aa9c6981b1cbe30ef0e2a0ec9" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/commit/b43f13ae7f1e6bfe4e8e56a80a7cd867cf2db52b" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Mitigation", "Patch", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-74" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-78" }, { "lang": "en", "value": "CWE-863" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
8.0 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | * | |
fedoraproject | fedora | 39 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "matchCriteriaId": "47529989-64EF-4CBB-AF1D-28A7C1CF36B3", "versionEndExcluding": "1.2.27", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `form_save()` function in `graph_template_inputs.php` is not thoroughly checked and is used to concatenate the SQL statement in `draw_nontemplated_fields_graph_item()` function from `lib/html_form_templates.php`, finally resulting in SQL injection. Version 1.2.27 contains a patch for the issue." }, { "lang": "es", "value": "Cacti proporciona un framework de monitoreo operativo y gesti\u00f3n de fallas. Antes de la versi\u00f3n 1.2.27, algunos de los datos almacenados en la funci\u00f3n `form_save()` en `graph_template_inputs.php` no se verifican exhaustivamente y se usan para concatenar la instrucci\u00f3n SQL en la funci\u00f3n `draw_nontemplated_fields_graph_item()` de `lib/html_form_templates.php`, lo que finalmente resulta en una inyecci\u00f3n SQL. La versi\u00f3n 1.2.27 contiene un parche para el problema."
} ], "id": "CVE-2024-31458", "lastModified": "2024-12-18T20:47:06.343", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L", "version": "3.1" }, "exploitabilityScore": 2.1, "impactScore": 2.5, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.1, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-05-14T15:25:25.307", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-jrxg-8wh8-943x" }, { "source": "security-advisories@github.com", "tags": [ "Product" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-jrxg-8wh8-943x" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": 
[ { "lang": "en", "value": "CWE-89" } ], "source": "security-advisories@github.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-89" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | 1.2.19 | |
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
debian | debian_linux | 11.0 | |
fedoraproject | fedora | 34 | |
fedoraproject | fedora | 35 | |
fedoraproject | fedora | 36 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:1.2.19:*:*:*:*:*:*:*", "matchCriteriaId": "A4BB8CCB-5F52-4248-947C-3F4F1211EF53", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Under certain ldap conditions, Cacti authentication can be bypassed with certain credential types." 
}, { "lang": "es", "value": "Bajo determinadas condiciones de ldap, la autenticaci\u00f3n de Cacti puede ser omitida con determinados tipos de credenciales" } ], "id": "CVE-2022-0730", "lastModified": "2024-11-21T06:39:16.730", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-03-03T23:15:08.253", "references": [ { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/4562" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html" }, { "source": "secalert@redhat.com", "url": 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RVOALVZSCBFNOAAZVHTJFSFB7UDSNYQ2/" }, { "source": "secalert@redhat.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZH67CCORDEYFG7NL7G6UH47PAV2PU7BA/" }, { "source": "secalert@redhat.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZJERS4NYIGJUXEGT6ATUQA4CBYBRDLRA/" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2022/dsa-5298" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/Cacti/cacti/issues/4562" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RVOALVZSCBFNOAAZVHTJFSFB7UDSNYQ2/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZH67CCORDEYFG7NL7G6UH47PAV2PU7BA/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZJERS4NYIGJUXEGT6ATUQA4CBYBRDLRA/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2022/dsa-5298" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": 
"en", "value": "CWE-287" } ], "source": "secalert@redhat.com", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-287" } ], "source": "nvd@nist.gov", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cacti | cacti | 0.6.7 | |
cacti | cacti | 0.8 | |
cacti | cacti | 0.8.1 | |
cacti | cacti | 0.8.2 | |
cacti | cacti | 0.8.2a | |
cacti | cacti | 0.8.3 | |
cacti | cacti | 0.8.3a | |
cacti | cacti | 0.8.4 | |
cacti | cacti | 0.8.5 | |
cacti | cacti | 0.8.5a | |
cacti | cacti | 0.8.6c | |
cacti | cacti | 0.8.6f | |
cacti | cacti | 0.8.6i | |
cacti | cacti | 0.8.6j | |
cacti | cacti | 0.8.7 | |
cacti | cacti | 0.8.7a |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:0.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "B4611FB4-7B8D-4DCA-9BFC-87585E16129B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B44E0187-3577-4770-8D76-10F64F6400B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3E6282B-B403-45AD-B1EC-82257EEA1A43", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "0936E4B2-D89C-44B3-9082-77FA369BA280", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.2a:*:*:*:*:*:*:*", "matchCriteriaId": "A1257552-9117-45EE-B77C-00879E1FC67B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "BA380DC2-2392-413E-AC7A-F8B854EA3108", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.3a:*:*:*:*:*:*:*", "matchCriteriaId": "B530A944-0A71-4F88-AAE6-3844364FB098", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "62C554AE-AE7A-48B1-A1FF-E8E7691EA344", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "25541421-4A87-43BF-86D7-E1377CE3C859", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.5a:*:*:*:*:*:*:*", "matchCriteriaId": "301E2B13-D410-4B26-9A47-F90343F47C18", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6c:*:*:*:*:*:*:*", "matchCriteriaId": "EE910AB1-7D04-4743-9963-BBA191EE4078", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6f:*:*:*:*:*:*:*", "matchCriteriaId": "DB41A3C5-D03A-4B1F-B841-A9F5021A59F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6i:*:*:*:*:*:*:*", "matchCriteriaId": "8D62D429-7BDE-47DE-B466-0732DAC3F70E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6j:*:*:*:*:*:*:*", "matchCriteriaId": "6893355E-2F64-416D-9AED-898E6D1123F8", 
"vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "191A8F3B-EDFA-47AA-B7B1-95B4C05AFD7A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7a:*:*:*:*:*:*:*", "matchCriteriaId": "7A8C1715-DCA1-4C83-B817-9366172CFC1D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote attackers to inject arbitrary web script or HTML via (1) the view_type parameter to graph.php; (2) the filter parameter to graph_view.php; (3) the action parameter to the draw_navigation_text function in lib/functions.php, reachable through index.php (aka the login page) or data_input.php; or (4) the login_username parameter to index.php." }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de tipo cross-site scripting (XSS) en Cacti versi\u00f3n 0.8.7 anterior a 0.8.7b y versi\u00f3n 0.8.6 anterior a 0.8.6k, permiten a los atacantes remotos inyectar script web o HTML arbitrario por medio de (1) el par\u00e1metro view_type en el archivo graph.php; (2) el par\u00e1metro filter en el archivo graph_view.php; (3) el par\u00e1metro action en la funci\u00f3n draw_navigation_text en el archivo lib/functions.php, accesible por medio del archivo index.php (tambi\u00e9n conocido como la p\u00e1gina de inicio de sesi\u00f3n) o el archivo data_input.php; o (4) el par\u00e1metro login_username en el archivo index.php." 
} ], "id": "CVE-2008-0783", "lastModified": "2024-11-21T00:42:54.017", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2008-02-14T23:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://bugs.cacti.net/view.php?id=1245" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28872" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28976" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/29242" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/29274" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30045" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200803-18.xml" }, { "source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/3657" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.cacti.net/release_notes_0_8_7b.php" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2008/dsa-1569" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:052" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/488013/100/0/threaded" }, { "source": 
"cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/488018/100/0/threaded" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/27749" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/34991" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1019414" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/0540" }, { "source": "cve@mitre.org", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432758" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50575" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.cacti.net/view.php?id=1245" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28872" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28976" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/29242" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29274" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30045" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200803-18.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://securityreason.com/securityalert/3657" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.cacti.net/release_notes_0_8_7b.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1569" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:052" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/488013/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/488018/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/27749" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/34991" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1019414" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/0540" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432758" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50575" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
var-201506-0385
Vulnerability from variot
SQL injection vulnerability in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving a cdef id. Cacti is an open source network traffic monitoring and analysis tool from Cacti Group. The tool uses snmpget to collect data and RRDtool to draw graphs for analysis, and provides data and user management capabilities. Cacti is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
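- -------------------------------------------------------------------------
Debian Security Advisory DSA-3295-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
June 24, 2015 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : cacti
CVE ID : CVE-2015-2665 CVE-2015-4342 CVE-2015-4454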
Several vulnerabilities (cross-site scripting and SQL injection) have been discovered in Cacti, a web interface for graphing of monitoring systems.
For the oldstable distribution (wheezy), these problems have been fixed in version 0.8.8a+dfsg-5+deb7u5.
For the stable distribution (jessie), these problems have been fixed in version 0.8.8b+dfsg-8+deb8u1.
For the unstable distribution (sid), these problems have been fixed in version 0.8.8d+ds1-1.
We recommend that you upgrade your cacti packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJVivszAAoJEAVMuPMTQ89Eq+sP/2jqe/IKVQwUxnJEY1w6hCRY S5kVRgGIW+e6WZnuIqTXWcELC+XhmOWv1F2McC7SJXclV7eMIlae/JwKb47XFVAX 1Nw1NlK+LZlbm23pqTv0ao8a0REhqkhMMENs/Ss1P2QFHxSCAqcoyXQ2wvTLwfXR 8Bm1qV12pHDd0TZG5gInNVncWL13sFIs8Fx0+psLyFa3yh2u5nbylVM2XNa3XTOn YtG4OnWkBrinpXtJ9S3XfF3JTUgMv0WLoK0ZD105GKJnxDWwsalDgFqkInGoYX6R oA/USy1LgX98s19tRKYhgadyl4FcUF62SR6arhPkLQdH3RX8uuZEs8/ozY6u4WSp 24Fsq4x+4M+9tUwNVwOgZ6+pCPkul3tSTfnxE7uao09JCQmD6QuEqbuJObEexnqz xm4JU3d0nXhLl7CGXdgMr4Cs4B+zRW/yCXyBQkbq72BhBPQE/70c1ze+sIdpCJI8 a3seNpa40kvEUQfxin7+itkfJhz2g1beRUsHclSTz8YrBD3iz79hnhlzJPte5H4z WDBXrNkxKnBQMTkhaTufT+NdnlkcxFPbr6HEW70Px/WNPsSca469NGyHy+u9QZM/ oM78VdKjP4AGKzBBY4HYplkbhRAgfF67Wdg0M5GZ8VRuh0knbogeau+srUTj16BO ZUkO3AskyvyalG1tCSsy =OST/ -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201506-0385", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "fedora", "scope": "eq", "trust": 1.6, "vendor": "fedoraproject", "version": "24" }, { "model": "fedora", "scope": "eq", "trust": 1.6, "vendor": "fedoraproject", "version": "22" }, { "model": "fedora", "scope": "eq", "trust": 1.6, "vendor": "fedoraproject", 
"version": "23" }, { "model": "cacti", "scope": "lte", "trust": 1.0, "vendor": "cacti", "version": "0.8.8c" }, { "model": "cacti", "scope": "lt", "trust": 0.8, "vendor": "the cacti group", "version": "0.8.8d" }, { "model": "\u003c0.8.8d", "scope": null, "trust": 0.6, "vendor": "cacti", "version": null }, { "model": "technology wsw-2401 h", "scope": "eq", "trust": 0.3, "vendor": "planet", "version": "0.8.6" }, { "model": "technology wsw-2401 g", "scope": "eq", "trust": 0.3, "vendor": "planet", "version": "0.8.6" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "linux s/390", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "linux mips", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "linux ia-64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "linux ia-32", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "cacti", "scope": "eq", "trust": 0.3, "vendor": "cacti", "version": "0.8.7" }, { "model": "f", "scope": "eq", "trust": 0.3, "vendor": "cacti", "version": "0.8.6" }, { "model": "c", "scope": "eq", "trust": 0.3, "vendor": "cacti", "version": "0.8.6" }, { "model": "a", "scope": "eq", "trust": 0.3, "vendor": "cacti", "version": "0.8.5" }, { "model": "cacti", "scope": "eq", "trust": 0.3, "vendor": "cacti", "version": "0.8.5" }, { "model": "cacti", "scope": "eq", "trust": 0.3, "vendor": "cacti", "version": "0.8.4" }, { "model": "a", "scope": "eq", "trust": 0.3, "vendor": "cacti", "version": "0.8.3" }, { "model": "cacti", "scope": "eq", "trust": 0.3, "vendor": "cacti", "version": "0.8.3" }, { "model": "a", 
"scope": "eq", "trust": 0.3, "vendor": "cacti", "version": "0.8.2" }, { "model": "cacti", "scope": "eq", "trust": 0.3, "vendor": "cacti", "version": "0.8.2" }, { "model": "cacti", "scope": "eq", "trust": 0.3, "vendor": "cacti", "version": "0.8.1" }, { "model": "cacti", "scope": "eq", "trust": 0.3, "vendor": "cacti", "version": "0.8" }, { "model": "cacti", "scope": "eq", "trust": 0.3, "vendor": "cacti", "version": "0.6.7" }, { "model": "0.8.7i", "scope": null, "trust": 0.3, "vendor": "cacti", "version": null }, { "model": "0.8.7h", "scope": null, "trust": 0.3, "vendor": "cacti", "version": null }, { "model": "0.8.7g", "scope": null, "trust": 0.3, "vendor": "cacti", "version": null }, { "model": "0.8.7f", "scope": null, "trust": 0.3, "vendor": "cacti", "version": null }, { "model": "0.8.7e", "scope": null, "trust": 0.3, "vendor": "cacti", "version": null }, { "model": "0.8.7d", "scope": null, "trust": 0.3, "vendor": "cacti", "version": null }, { "model": "0.8.7c", "scope": null, "trust": 0.3, "vendor": "cacti", "version": null }, { "model": "0.8.7b", "scope": null, "trust": 0.3, "vendor": "cacti", "version": null }, { "model": "0.8.7a", "scope": null, "trust": 0.3, "vendor": "cacti", "version": null }, { "model": "0.8.6k", "scope": null, "trust": 0.3, "vendor": "cacti", "version": null }, { "model": "0.8.6j", "scope": null, "trust": 0.3, "vendor": "cacti", "version": null }, { "model": "0.8.6i", "scope": null, "trust": 0.3, "vendor": "cacti", "version": null } ], "sources": [ { "db": "CNVD", "id": "CNVD-2015-03938" }, { "db": "BID", "id": "75108" }, { "db": "JVNDB", "id": "JVNDB-2015-003192" }, { "db": "NVD", "id": "CVE-2015-4342" }, { "db": "CNNVD", "id": "CNNVD-201506-324" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", 
"nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "0.8.8c", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2015-4342" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "unhex", "sources": [ { "db": "BID", "id": "75108" }, { "db": "PACKETSTORM", "id": "132224" } ], "trust": 0.4 }, "cve": "CVE-2015-4342", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, 
"obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 7.5, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2015-4342", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2015-03938", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2015-4342", "trust": 1.8, "value": "HIGH" }, { "author": "CNVD", "id": "CNVD-2015-03938", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201506-324", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2015-03938" }, { "db": "JVNDB", "id": "JVNDB-2015-003192" }, { "db": "NVD", "id": "CVE-2015-4342" }, { "db": "CNNVD", "id": "CNNVD-201506-324" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "SQL injection vulnerability in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving a cdef id. Cacti is an open source network traffic monitoring and analysis tool from Cacti Group. 
The tool uses snmpget to get data, RRDtool to draw graphics for analysis, and provides data and user management capabilities. Cacti is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. \nExploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3295-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nJune 24, 2015 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : cacti\nCVE ID : CVE-2015-2665 CVE-2015-4342 CVE-2015-4454\n\nSeveral vulnerabilities (cross-site scripting and SQL injection) have\nbeen discovered in Cacti, a web interface for graphing of monitoring\nsystems. \n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 0.8.8a+dfsg-5+deb7u5. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 0.8.8b+dfsg-8+deb8u1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 0.8.8d+ds1-1. \n\nWe recommend that you upgrade your cacti packages. 
\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIcBAEBCgAGBQJVivszAAoJEAVMuPMTQ89Eq+sP/2jqe/IKVQwUxnJEY1w6hCRY\nS5kVRgGIW+e6WZnuIqTXWcELC+XhmOWv1F2McC7SJXclV7eMIlae/JwKb47XFVAX\n1Nw1NlK+LZlbm23pqTv0ao8a0REhqkhMMENs/Ss1P2QFHxSCAqcoyXQ2wvTLwfXR\n8Bm1qV12pHDd0TZG5gInNVncWL13sFIs8Fx0+psLyFa3yh2u5nbylVM2XNa3XTOn\nYtG4OnWkBrinpXtJ9S3XfF3JTUgMv0WLoK0ZD105GKJnxDWwsalDgFqkInGoYX6R\noA/USy1LgX98s19tRKYhgadyl4FcUF62SR6arhPkLQdH3RX8uuZEs8/ozY6u4WSp\n24Fsq4x+4M+9tUwNVwOgZ6+pCPkul3tSTfnxE7uao09JCQmD6QuEqbuJObEexnqz\nxm4JU3d0nXhLl7CGXdgMr4Cs4B+zRW/yCXyBQkbq72BhBPQE/70c1ze+sIdpCJI8\na3seNpa40kvEUQfxin7+itkfJhz2g1beRUsHclSTz8YrBD3iz79hnhlzJPte5H4z\nWDBXrNkxKnBQMTkhaTufT+NdnlkcxFPbr6HEW70Px/WNPsSca469NGyHy+u9QZM/\noM78VdKjP4AGKzBBY4HYplkbhRAgfF67Wdg0M5GZ8VRuh0knbogeau+srUTj16BO\nZUkO3AskyvyalG1tCSsy\n=OST/\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2015-4342" }, { "db": "JVNDB", "id": "JVNDB-2015-003192" }, { "db": "CNVD", "id": "CNVD-2015-03938" }, { "db": "BID", "id": "75108" }, { "db": "PACKETSTORM", "id": "132429" } ], "trust": 2.52 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2015-4342", "trust": 3.5 }, { "db": "PACKETSTORM", "id": "132224", "trust": 3.1 }, { "db": "BID", "id": "75108", "trust": 1.9 }, { "db": "SECTRACK", "id": "1032672", "trust": 1.0 }, { "db": "JVNDB", "id": "JVNDB-2015-003192", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2015-03938", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201506-324", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "132429", "trust": 0.1 } ], 
"sources": [ { "db": "CNVD", "id": "CNVD-2015-03938" }, { "db": "BID", "id": "75108" }, { "db": "JVNDB", "id": "JVNDB-2015-003192" }, { "db": "PACKETSTORM", "id": "132224" }, { "db": "PACKETSTORM", "id": "132429" }, { "db": "NVD", "id": "CVE-2015-4342" }, { "db": "CNNVD", "id": "CNNVD-201506-324" } ] }, "id": "VAR-201506-0385", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2015-03938" } ], "trust": 1.6 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2015-03938" } ] }, "last_update_date": "2023-12-18T12:20:48.083000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Release Notes - 0.8.8d", "trust": 0.8, "url": "http://www.cacti.net/release_notes_0_8_8d.php" }, { "title": "Bug Reporting", "trust": 0.8, "url": "http://bugs.cacti.net/main_page.php" }, { "title": "Patch for Cacti SQL Injection Vulnerability (CNVD-2015-03938)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/59936" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2015-03938" }, { "db": "JVNDB", "id": "JVNDB-2015-003192" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-89", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": 
"JVNDB-2015-003192" }, { "db": "NVD", "id": "CVE-2015-4342" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.0, "url": "http://packetstormsecurity.com/files/132224/cacti-sql-injection-header-injection.html" }, { "trust": 1.9, "url": "http://seclists.org/fulldisclosure/2015/jun/19" }, { "trust": 1.9, "url": "http://www.cacti.net/release_notes_0_8_8d.php" }, { "trust": 1.7, "url": "http://bugs.cacti.net/view.php?id=2571" }, { "trust": 1.0, "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-may/183449.html" }, { "trust": 1.0, "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-may/183454.html" }, { "trust": 1.0, "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-may/183919.html" }, { "trust": 1.0, "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00052.html" }, { "trust": 1.0, "url": "http://www.debian.org/security/2015/dsa-3295" }, { "trust": 1.0, "url": "http://www.securityfocus.com/bid/75108" }, { "trust": 1.0, "url": "http://www.securitytracker.com/id/1032672" }, { "trust": 1.0, "url": "https://bugzilla.suse.com/show_bug.cgi?id=934187" }, { "trust": 1.0, "url": "https://www.suse.com/security/cve/cve-2015-4342.html" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4342" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4342" }, { "trust": 0.3, "url": "http://cacti.net/" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4342" }, { "trust": 0.1, "url": "http://bugs.cacti.net/view.php?id=2571#c6864" }, { "trust": 0.1, "url": "http://www.dbappsecurity.com.cn/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-2665" }, { "trust": 0.1, "url": "https://www.debian.org/security/faq" }, { "trust": 
0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4454" }, { "trust": 0.1, "url": "https://www.debian.org/security/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2015-03938" }, { "db": "BID", "id": "75108" }, { "db": "JVNDB", "id": "JVNDB-2015-003192" }, { "db": "PACKETSTORM", "id": "132224" }, { "db": "PACKETSTORM", "id": "132429" }, { "db": "NVD", "id": "CVE-2015-4342" }, { "db": "CNNVD", "id": "CNNVD-201506-324" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2015-03938" }, { "db": "BID", "id": "75108" }, { "db": "JVNDB", "id": "JVNDB-2015-003192" }, { "db": "PACKETSTORM", "id": "132224" }, { "db": "PACKETSTORM", "id": "132429" }, { "db": "NVD", "id": "CVE-2015-4342" }, { "db": "CNNVD", "id": "CNNVD-201506-324" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2015-06-24T00:00:00", "db": "CNVD", "id": "CNVD-2015-03938" }, { "date": "2015-06-09T00:00:00", "db": "BID", "id": "75108" }, { "date": "2015-06-19T00:00:00", "db": "JVNDB", "id": "JVNDB-2015-003192" }, { "date": "2015-06-09T17:22:22", "db": "PACKETSTORM", "id": "132224" }, { "date": "2015-06-25T02:36:27", "db": "PACKETSTORM", "id": "132429" }, { "date": "2015-06-17T18:59:07.407000", "db": "NVD", "id": "CVE-2015-4342" }, { "date": "2015-06-18T00:00:00", "db": "CNNVD", "id": "CNNVD-201506-324" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2015-06-24T00:00:00", "db": "CNVD", "id": "CNVD-2015-03938" }, { "date": "2015-07-14T23:45:00", "db": "BID", "id": "75108" }, { "date": "2015-06-19T00:00:00", "db": "JVNDB", "id": "JVNDB-2015-003192" }, { "date": "2017-11-08T02:29:02.177000", "db": "NVD", "id": "CVE-2015-4342" }, { "date": "2015-06-18T00:00:00", "db": 
"CNNVD", "id": "CNNVD-201506-324" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "132224" }, { "db": "CNNVD", "id": "CNNVD-201506-324" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cacti In SQL Injection vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2015-003192" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "sql injection", "sources": [ { "db": "PACKETSTORM", "id": "132224" }, { "db": "CNNVD", "id": "CNNVD-201506-324" } ], "trust": 0.7 } }