Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-49088 (GCVE-0-2023-49088)
Vulnerability from cvelistv5
Published
2023-12-22 16:16
Modified
2025-02-13 17:18
Severity ?
EPSS score ?
Summary
Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in `data_debug.php`. To perform the cross-site scripting attack, the adversary needs to be an authorized cacti user with the following permissions: `General Administration>Sites/Devices/Data`. The victim of this attack could be any account with permissions to view `http://<HOST>/cacti/data_debug.php`. As of time of publication, no complete fix has been included in Cacti.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T21:46:29.327Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x", }, { name: "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h", }, { name: "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php", }, { tags: [ "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "cacti", vendor: "Cacti", versions: [ { status: "affected", version: "<= 1.2.25", }, ], }, ], descriptions: [ { lang: "en", value: "Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in `data_debug.php`. To perform the cross-site scripting attack, the adversary needs to be an authorized cacti user with the following permissions: `General Administration>Sites/Devices/Data`. The victim of this attack could be any account with permissions to view `http://<HOST>/cacti/data_debug.php`. As of time of publication, no complete fix has been included in Cacti.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-10T16:09:32.324Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x", }, { name: "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h", tags: [ "x_refsource_MISC", ], url: "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h", }, { name: "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php", tags: [ "x_refsource_MISC", ], url: "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php", }, { url: "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/", }, ], source: { advisory: "GHSA-q7g7-gcf6-wh4x", discovery: "UNKNOWN", }, title: "Cacti has incomplete fix for CVE-2023-39515", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2023-49088", datePublished: "2023-12-22T16:16:53.348Z", dateReserved: "2023-11-21T18:57:30.429Z", dateUpdated: "2025-02-13T17:18:33.056Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.2.25\", \"matchCriteriaId\": \"11743AE1-4C92-47E9-BDA5-764FE3984CE8\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in `data_debug.php`. To perform the cross-site scripting attack, the adversary needs to be an authorized cacti user with the following permissions: `General Administration>Sites/Devices/Data`. The victim of this attack could be any account with permissions to view `http://<HOST>/cacti/data_debug.php`. As of time of publication, no complete fix has been included in Cacti.\"}, {\"lang\": \"es\", \"value\": \"Cacti es un framework de gesti\\u00f3n de fallos y monitoreo operativo de c\\u00f3digo abierto. La soluci\\u00f3n aplicada para CVE-2023-39515 en la versi\\u00f3n 1.2.25 est\\u00e1 incompleta, ya que permite que un adversario haga que el navegador de la v\\u00edctima ejecute c\\u00f3digo malicioso cuando un usuario v\\u00edctima pasa el mouse sobre la ruta de la fuente de datos maliciosa en `data_debug.php`. Para realizar el ataque de cross-site scripting, el adversario debe ser un usuario de Cacti autorizado con los siguientes permisos: `General Administration>Sites/Devices/Data`. La v\\u00edctima de este ataque podr\\u00eda ser cualquier cuenta con permisos para ver `http:///cacti/data_debug.php`. Al momento de la publicaci\\u00f3n, no se ha incluido ninguna soluci\\u00f3n completa en Cacti.\"}]", id: "CVE-2023-49088", lastModified: "2024-11-21T08:32:47.840", metrics: "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 0.9, \"impactScore\": 5.2}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 4.8, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.7, \"impactScore\": 2.7}]}", published: "2023-12-22T17:15:08.247", references: "[{\"url\": \"https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]", sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2023-49088\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2023-12-22T17:15:08.247\",\"lastModified\":\"2024-11-21T08:32:47.840\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in `data_debug.php`. To perform the cross-site scripting attack, the adversary needs to be an authorized cacti user with the following permissions: `General Administration>Sites/Devices/Data`. The victim of this attack could be any account with permissions to view `http://<HOST>/cacti/data_debug.php`. As of time of publication, no complete fix has been included in Cacti.\"},{\"lang\":\"es\",\"value\":\"Cacti es un framework de gestión de fallos y monitoreo operativo de código abierto. La solución aplicada para CVE-2023-39515 en la versión 1.2.25 está incompleta, ya que permite que un adversario haga que el navegador de la víctima ejecute código malicioso cuando un usuario víctima pasa el mouse sobre la ruta de la fuente de datos maliciosa en `data_debug.php`. Para realizar el ataque de cross-site scripting, el adversario debe ser un usuario de Cacti autorizado con los siguientes permisos: `General Administration>Sites/Devices/Data`. La víctima de este ataque podría ser cualquier cuenta con permisos para ver `http:///cacti/data_debug.php`. Al momento de la publicación, no se ha incluido ninguna solución completa en Cacti.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":0.9,\"impactScore\":5.2},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":4.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.7,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.2.25\",\"matchCriteriaId\":\"11743AE1-4C92-47E9-BDA5-764FE3984CE8\"}]}]}],\"references\":[{\"url\":\"https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}", }, }
fkie_cve-2023-49088
Vulnerability from fkie_nvd
Published
2023-12-22 17:15
Modified
2024-11-21 08:32
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in `data_debug.php`. To perform the cross-site scripting attack, the adversary needs to be an authorized cacti user with the following permissions: `General Administration>Sites/Devices/Data`. The victim of this attack could be any account with permissions to view `http://<HOST>/cacti/data_debug.php`. As of time of publication, no complete fix has been included in Cacti.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", matchCriteriaId: "11743AE1-4C92-47E9-BDA5-764FE3984CE8", versionEndExcluding: "1.2.25", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in `data_debug.php`. To perform the cross-site scripting attack, the adversary needs to be an authorized cacti user with the following permissions: `General Administration>Sites/Devices/Data`. The victim of this attack could be any account with permissions to view `http://<HOST>/cacti/data_debug.php`. As of time of publication, no complete fix has been included in Cacti.", }, { lang: "es", value: "Cacti es un framework de gestión de fallos y monitoreo operativo de código abierto. La solución aplicada para CVE-2023-39515 en la versión 1.2.25 está incompleta, ya que permite que un adversario haga que el navegador de la víctima ejecute código malicioso cuando un usuario víctima pasa el mouse sobre la ruta de la fuente de datos maliciosa en `data_debug.php`. Para realizar el ataque de cross-site scripting, el adversario debe ser un usuario de Cacti autorizado con los siguientes permisos: `General Administration>Sites/Devices/Data`. La víctima de este ataque podría ser cualquier cuenta con permisos para ver `http:///cacti/data_debug.php`. Al momento de la publicación, no se ha incluido ninguna solución completa en Cacti.", }, ], id: "CVE-2023-49088", lastModified: "2024-11-21T08:32:47.840", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.2, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-22T17:15:08.247", references: [ { source: "security-advisories@github.com", tags: [ "Exploit", "Vendor Advisory", ], url: "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php", }, { source: "security-advisories@github.com", tags: [ "Exploit", "Vendor Advisory", ], url: "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h", }, { source: "security-advisories@github.com", tags: [ "Exploit", "Vendor Advisory", ], url: "https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x", }, { source: "security-advisories@github.com", url: "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
gsd-2023-49088
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in `data_debug.php`. To perform the cross-site scripting attack, the adversary needs to be an authorized cacti user with the following permissions: `General Administration>Sites/Devices/Data`. The victim of this attack could be any account with permissions to view `http://<HOST>/cacti/data_debug.php`. As of time of publication, no complete fix has been included in Cacti.
Aliases
Aliases
{ GSD: { alias: "CVE-2023-49088", id: "GSD-2023-49088", }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2023-49088", ], details: "Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in `data_debug.php`. To perform the cross-site scripting attack, the adversary needs to be an authorized cacti user with the following permissions: `General Administration>Sites/Devices/Data`. The victim of this attack could be any account with permissions to view `http://<HOST>/cacti/data_debug.php`. As of time of publication, no complete fix has been included in Cacti.", id: "GSD-2023-49088", modified: "2023-12-13T01:20:35.277996Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2023-49088", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "cacti", version: { version_data: [ { version_affected: "=", version_value: "<= 1.2.25", }, ], }, }, ], }, vendor_name: "Cacti", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in `data_debug.php`. To perform the cross-site scripting attack, the adversary needs to be an authorized cacti user with the following permissions: `General Administration>Sites/Devices/Data`. The victim of this attack could be any account with permissions to view `http://<HOST>/cacti/data_debug.php`. As of time of publication, no complete fix has been included in Cacti.", }, ], }, impact: { cvss: [ { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, ], }, problemtype: { problemtype_data: [ { description: [ { cweId: "CWE-79", lang: "eng", value: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x", refsource: "MISC", url: "https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x", }, { name: "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h", refsource: "MISC", url: "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h", }, { name: "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php", refsource: "MISC", url: "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php", }, { name: "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html", refsource: "MISC", url: "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html", }, ], }, source: { advisory: "GHSA-q7g7-gcf6-wh4x", discovery: "UNKNOWN", }, }, "nvd.nist.gov": { cve: { configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", matchCriteriaId: "11743AE1-4C92-47E9-BDA5-764FE3984CE8", versionEndExcluding: "1.2.25", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], descriptions: [ { lang: "en", value: "Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in `data_debug.php`. To perform the cross-site scripting attack, the adversary needs to be an authorized cacti user with the following permissions: `General Administration>Sites/Devices/Data`. The victim of this attack could be any account with permissions to view `http://<HOST>/cacti/data_debug.php`. As of time of publication, no complete fix has been included in Cacti.", }, { lang: "es", value: "Cacti es un framework de gestión de fallos y monitoreo operativo de código abierto. La solución aplicada para CVE-2023-39515 en la versión 1.2.25 está incompleta, ya que permite que un adversario haga que el navegador de la víctima ejecute código malicioso cuando un usuario víctima pasa el mouse sobre la ruta de la fuente de datos maliciosa en `data_debug.php`. Para realizar el ataque de cross-site scripting, el adversario debe ser un usuario de Cacti autorizado con los siguientes permisos: `General Administration>Sites/Devices/Data`. La víctima de este ataque podría ser cualquier cuenta con permisos para ver `http:///cacti/data_debug.php`. Al momento de la publicación, no se ha incluido ninguna solución completa en Cacti.", }, ], id: "CVE-2023-49088", lastModified: "2024-03-18T20:15:08.690", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.2, source: "security-advisories@github.com", type: "Secondary", }, ], }, published: "2023-12-22T17:15:08.247", references: [ { source: "security-advisories@github.com", tags: [ "Exploit", "Vendor Advisory", ], url: "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php", }, { source: "security-advisories@github.com", tags: [ "Exploit", "Vendor Advisory", ], url: "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h", }, { source: "security-advisories@github.com", tags: [ "Exploit", "Vendor Advisory", ], url: "https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x", }, { source: "security-advisories@github.com", url: "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "security-advisories@github.com", type: "Secondary", }, ], }, }, }, }
opensuse-su-2024:0031-1
Vulnerability from csaf_opensuse
Published
2024-01-24 12:47
Modified
2024-01-24 12:47
Summary
Security update for cacti, cacti-spine
Notes
Title of the patch
Security update for cacti, cacti-spine
Description of the patch
This update for cacti, cacti-spine fixes the following issues:
cacti-spine 1.2.26:
* Fix: Errors when uptime OID is not present
* Fix: MySQL reconnect option is depreciated
* Fix: Spine does not check a host with no poller items
* Fix: Poller may report the wrong number of devices polled
* Feature: Allow users to override the threads setting at the command line
* Feature: Allow spine to run in ping-only mode
cacti 1.2.26:
* CVE-2023-50250: XSS vulnerability when importing a template file (boo#1218380)
* CVE-2023-49084: RCE vulnerability when managing links (boo#1218360)
* CVE-2023-49085: SQL Injection vulnerability when managing poller devices (boo#1218378)
* CVE-2023-49086: XSS vulnerability when adding new devices (boo#1218366)
* CVE-2023-49088: XSS vulnerability when viewing data sources in debug mode (boo#1218379)
* CVE-2023-51448: SQL Injection vulnerability when managing SNMP Notification Receivers (boo#1218381)
* When viewing data sources, an undefined variable error may be seen
* Improvements for Poller Last Run Date
* Attempting to edit a Data Query that does not exist throws warnings and not an GUI error
* Improve PHP 8.1 support when adding devices
* Viewing Data Query Cache can cause errors to be logged
* Preserve option is not properly honoured when removing devices at command line
* Infinite recursion is possible during a database failure
* Monitoring Host CPU's does not always work on Windows endpoints
* Multi select drop down list box not rendered correctly in Chrome and Edge
* Selective Plugin Debugging may not always work as intended
* During upgrades, Plugins may be falsely reported as incompatible
* Plugin management at command line does not work with multiple plugins
* Improve PHP 8.1 support for incrementing only numbers
* Allow the renaming of guest and template accounts
* DS Stats issues warnings when the RRDfile has not been initialized
* When upgrading, missing data source profile can cause errors to be logged
* When deleting a single Data Source, purge historical debug data
* Improvements to form element warnings
* Some interface aliases do not appear correctly
* Aggregate graph does not show other percentiles
* Settings table updates for large values reverted by database repair
* When obtaining graph records, error messages may be recorded
* Unable to change a device's community at command line
* Increase timeout for RRDChecker
* When viewing a graph, option to edit template may lead to incorrect URL
* When upgrading, failures may occur due to missing color table keys
* On installation, allow a more appropriate template to be used as the default
* When data input parameters are allowed to be null, allow null
* CSV Exports may not always output data correctly
* When debugging a graph, long CDEF's can cause undesirable scrolling
* Secondary LDAP server not evaluated when the first one has failed
* When adding a device, using the bulk walk option can make version information appear
* When parsing a Data Query resource, an error can be reported if no direction is specified
* Database reconnection can cause errors to be reported incorrectly
* fix returned value if $sau is empty
* Add Aruba switch, Aruba controller and HPE iLO templates
* Add OSCX 6x00 templates
Patchnames
openSUSE-2024-31
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for cacti, cacti-spine", title: "Title of the patch", }, { category: "description", text: "This update for cacti, cacti-spine fixes the following issues:\n\ncacti-spine 1.2.26:\n\n* Fix: Errors when uptime OID is not present\n* Fix: MySQL reconnect option is depreciated\n* Fix: Spine does not check a host with no poller items\n* Fix: Poller may report the wrong number of devices polled\n* Feature: Allow users to override the threads setting at the command line\n* Feature: Allow spine to run in ping-only mode\n\ncacti 1.2.26:\n\n* CVE-2023-50250: XSS vulnerability when importing a template file (boo#1218380)\n* CVE-2023-49084: RCE vulnerability when managing links (boo#1218360)\n* CVE-2023-49085: SQL Injection vulnerability when managing poller devices (boo#1218378)\n* CVE-2023-49086: XSS vulnerability when adding new devices (boo#1218366)\n* CVE-2023-49088: XSS vulnerability when viewing data sources in debug mode (boo#1218379)\n* CVE-2023-51448: SQL Injection vulnerability when managing SNMP Notification Receivers (boo#1218381)\n* When viewing data sources, an undefined variable error may be seen\n* Improvements for Poller Last Run Date\n* Attempting to edit a Data Query that does not exist throws warnings and not an GUI error\n* Improve PHP 8.1 support when adding devices\n* Viewing Data Query Cache can cause errors to be logged\n* Preserve option is not properly honoured when removing devices at command line\n* Infinite recursion is possible during a database failure\n* Monitoring Host CPU's does not always work on Windows endpoints\n* Multi select drop down list box not rendered correctly in Chrome and Edge\n* Selective Plugin Debugging may not always work as intended\n* During upgrades, Plugins may be falsely reported as incompatible\n* Plugin management at command line does not work with multiple plugins\n* Improve PHP 8.1 support for incrementing only numbers\n* Allow the renaming of guest and template accounts\n* DS Stats issues warnings when the RRDfile has not been initialized\n* When upgrading, missing data source profile can cause errors to be logged\n* When deleting a single Data Source, purge historical debug data\n* Improvements to form element warnings\n* Some interface aliases do not appear correctly\n* Aggregate graph does not show other percentiles\n* Settings table updates for large values reverted by database repair\n* When obtaining graph records, error messages may be recorded\n* Unable to change a device's community at command line\n* Increase timeout for RRDChecker\n* When viewing a graph, option to edit template may lead to incorrect URL\n* When upgrading, failures may occur due to missing color table keys\n* On installation, allow a more appropriate template to be used as the default\n* When data input parameters are allowed to be null, allow null\n* CSV Exports may not always output data correctly\n* When debugging a graph, long CDEF's can cause undesirable scrolling\n* Secondary LDAP server not evaluated when the first one has failed\n* When adding a device, using the bulk walk option can make version information appear\n* When parsing a Data Query resource, an error can be reported if no direction is specified\n* Database reconnection can cause errors to be reported incorrectly\n* fix returned value if $sau is empty\n* Add Aruba switch, Aruba controller and HPE iLO templates\n* Add OSCX 6x00 templates\n", title: "Description of the patch", }, { category: "details", text: "openSUSE-2024-31", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_0031-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2024:0031-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/IZJKJNYP7JFJ3XMRIGZT22J5DIAVPSY7/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2024:0031-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/IZJKJNYP7JFJ3XMRIGZT22J5DIAVPSY7/", }, { category: "self", summary: "SUSE Bug 1218360", url: "https://bugzilla.suse.com/1218360", }, { category: "self", summary: "SUSE Bug 1218366", url: "https://bugzilla.suse.com/1218366", }, { category: "self", summary: "SUSE Bug 1218378", url: "https://bugzilla.suse.com/1218378", }, { category: "self", summary: "SUSE Bug 1218379", url: "https://bugzilla.suse.com/1218379", }, { category: "self", summary: "SUSE Bug 1218380", url: "https://bugzilla.suse.com/1218380", }, { category: "self", summary: "SUSE Bug 1218381", url: "https://bugzilla.suse.com/1218381", }, { category: "self", summary: "SUSE CVE CVE-2023-49084 page", url: "https://www.suse.com/security/cve/CVE-2023-49084/", }, { category: "self", summary: "SUSE CVE CVE-2023-49085 page", url: "https://www.suse.com/security/cve/CVE-2023-49085/", }, { category: "self", summary: "SUSE CVE CVE-2023-49086 page", url: "https://www.suse.com/security/cve/CVE-2023-49086/", }, { category: "self", summary: "SUSE CVE CVE-2023-49088 page", url: "https://www.suse.com/security/cve/CVE-2023-49088/", }, { category: "self", summary: "SUSE CVE CVE-2023-50250 page", url: "https://www.suse.com/security/cve/CVE-2023-50250/", }, { category: "self", summary: "SUSE CVE CVE-2023-51448 page", url: "https://www.suse.com/security/cve/CVE-2023-51448/", }, ], title: "Security update for cacti, cacti-spine", tracking: { current_release_date: "2024-01-24T12:47:05Z", generator: { date: "2024-01-24T12:47:05Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:0031-1", initial_release_date: "2024-01-24T12:47:05Z", revision_history: [ { date: "2024-01-24T12:47:05Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cacti-spine-1.2.26-bp155.2.6.1.aarch64", product: { name: "cacti-spine-1.2.26-bp155.2.6.1.aarch64", product_id: "cacti-spine-1.2.26-bp155.2.6.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "cacti-spine-1.2.26-bp155.2.6.1.i586", product: { name: "cacti-spine-1.2.26-bp155.2.6.1.i586", product_id: "cacti-spine-1.2.26-bp155.2.6.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "cacti-1.2.26-bp155.2.6.1.noarch", product: { name: "cacti-1.2.26-bp155.2.6.1.noarch", product_id: "cacti-1.2.26-bp155.2.6.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cacti-spine-1.2.26-bp155.2.6.1.ppc64le", product: { name: "cacti-spine-1.2.26-bp155.2.6.1.ppc64le", product_id: "cacti-spine-1.2.26-bp155.2.6.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cacti-spine-1.2.26-bp155.2.6.1.s390x", product: { name: "cacti-spine-1.2.26-bp155.2.6.1.s390x", product_id: "cacti-spine-1.2.26-bp155.2.6.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "cacti-spine-1.2.26-bp155.2.6.1.x86_64", product: { name: "cacti-spine-1.2.26-bp155.2.6.1.x86_64", product_id: "cacti-spine-1.2.26-bp155.2.6.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Package Hub 12", product: { name: "SUSE Package Hub 12", product_id: "SUSE Package Hub 12", product_identification_helper: { cpe: "cpe:/o:suse:packagehub:12", }, }, }, { category: "product_name", name: "SUSE Package Hub 15 SP5", product: { name: "SUSE Package Hub 15 SP5", product_id: "SUSE Package Hub 15 SP5", }, }, { category: "product_name", name: "openSUSE Leap 15.5", product: { name: "openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.5", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "cacti-1.2.26-bp155.2.6.1.noarch as component of SUSE Package Hub 12", product_id: "SUSE Package Hub 12:cacti-1.2.26-bp155.2.6.1.noarch", }, product_reference: "cacti-1.2.26-bp155.2.6.1.noarch", relates_to_product_reference: "SUSE Package Hub 12", }, { category: "default_component_of", full_product_name: { name: "cacti-spine-1.2.26-bp155.2.6.1.aarch64 as component of SUSE Package Hub 12", product_id: "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.aarch64", }, product_reference: "cacti-spine-1.2.26-bp155.2.6.1.aarch64", relates_to_product_reference: "SUSE Package Hub 12", }, { category: "default_component_of", full_product_name: { name: "cacti-spine-1.2.26-bp155.2.6.1.i586 as component of SUSE Package Hub 12", product_id: "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.i586", }, product_reference: "cacti-spine-1.2.26-bp155.2.6.1.i586", relates_to_product_reference: "SUSE Package Hub 12", }, { category: "default_component_of", full_product_name: { name: "cacti-spine-1.2.26-bp155.2.6.1.ppc64le as component of SUSE Package Hub 12", product_id: "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", }, product_reference: "cacti-spine-1.2.26-bp155.2.6.1.ppc64le", relates_to_product_reference: "SUSE Package Hub 12", }, { category: "default_component_of", full_product_name: { name: "cacti-spine-1.2.26-bp155.2.6.1.s390x as component of SUSE Package Hub 12", product_id: "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.s390x", }, product_reference: "cacti-spine-1.2.26-bp155.2.6.1.s390x", relates_to_product_reference: "SUSE Package Hub 12", }, { category: "default_component_of", full_product_name: { name: "cacti-spine-1.2.26-bp155.2.6.1.x86_64 as component of SUSE Package Hub 12", product_id: "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.x86_64", }, product_reference: "cacti-spine-1.2.26-bp155.2.6.1.x86_64", relates_to_product_reference: "SUSE Package Hub 12", }, { category: "default_component_of", full_product_name: { name: "cacti-1.2.26-bp155.2.6.1.noarch as component of SUSE Package Hub 15 SP5", product_id: "SUSE Package Hub 15 SP5:cacti-1.2.26-bp155.2.6.1.noarch", }, product_reference: "cacti-1.2.26-bp155.2.6.1.noarch", relates_to_product_reference: "SUSE Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "cacti-spine-1.2.26-bp155.2.6.1.aarch64 as component of SUSE Package Hub 15 SP5", product_id: "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", }, product_reference: "cacti-spine-1.2.26-bp155.2.6.1.aarch64", relates_to_product_reference: "SUSE Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "cacti-spine-1.2.26-bp155.2.6.1.i586 as component of SUSE Package Hub 15 SP5", product_id: "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.i586", }, product_reference: "cacti-spine-1.2.26-bp155.2.6.1.i586", relates_to_product_reference: "SUSE Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "cacti-spine-1.2.26-bp155.2.6.1.ppc64le as component of SUSE Package Hub 15 SP5", product_id: "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", }, product_reference: "cacti-spine-1.2.26-bp155.2.6.1.ppc64le", relates_to_product_reference: "SUSE Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "cacti-spine-1.2.26-bp155.2.6.1.s390x as component of SUSE Package Hub 15 SP5", product_id: "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.s390x", }, product_reference: "cacti-spine-1.2.26-bp155.2.6.1.s390x", relates_to_product_reference: "SUSE Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "cacti-spine-1.2.26-bp155.2.6.1.x86_64 as component of SUSE Package Hub 15 SP5", product_id: "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", }, product_reference: "cacti-spine-1.2.26-bp155.2.6.1.x86_64", relates_to_product_reference: "SUSE Package Hub 15 SP5", }, { category: "default_component_of", full_product_name: { name: "cacti-1.2.26-bp155.2.6.1.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:cacti-1.2.26-bp155.2.6.1.noarch", }, product_reference: "cacti-1.2.26-bp155.2.6.1.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "cacti-spine-1.2.26-bp155.2.6.1.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", }, product_reference: "cacti-spine-1.2.26-bp155.2.6.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "cacti-spine-1.2.26-bp155.2.6.1.i586 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.i586", }, product_reference: "cacti-spine-1.2.26-bp155.2.6.1.i586", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "cacti-spine-1.2.26-bp155.2.6.1.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", }, product_reference: "cacti-spine-1.2.26-bp155.2.6.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "cacti-spine-1.2.26-bp155.2.6.1.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.s390x", }, product_reference: "cacti-spine-1.2.26-bp155.2.6.1.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "cacti-spine-1.2.26-bp155.2.6.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", }, product_reference: "cacti-spine-1.2.26-bp155.2.6.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, ], }, vulnerabilities: [ { cve: "CVE-2023-49084", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-49084", }, ], notes: [ { category: "general", text: "Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). While using the detected SQL Injection and insufficient processing of the include file path, it is possible to execute arbitrary code on the server. Exploitation of the vulnerability is possible for an authorized user. The vulnerable component is the `link.php`. Impact of the vulnerability execution of arbitrary code on the server. ", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 12:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "SUSE Package Hub 15 SP5:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "openSUSE Leap 15.5:cacti-1.2.26-bp155.2.6.1.noarch", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.i586", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-49084", url: "https://www.suse.com/security/cve/CVE-2023-49084", }, { category: "external", summary: "SUSE Bug 1218360 for CVE-2023-49084", url: "https://bugzilla.suse.com/1218360", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 12:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "SUSE Package Hub 15 SP5:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "openSUSE Leap 15.5:cacti-1.2.26-bp155.2.6.1.noarch", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.i586", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Package Hub 12:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "SUSE Package Hub 15 SP5:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "openSUSE Leap 15.5:cacti-1.2.26-bp155.2.6.1.noarch", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.i586", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-01-24T12:47:05Z", details: "important", }, ], title: "CVE-2023-49084", }, { cve: "CVE-2023-49085", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-49085", }, ], notes: [ { category: "general", text: "Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the `pollers.php` script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the `pollers.php`. Impact of the vulnerability - arbitrary SQL code execution. As of time of publication, a patch does not appear to exist.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 12:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "SUSE Package Hub 15 SP5:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "openSUSE Leap 15.5:cacti-1.2.26-bp155.2.6.1.noarch", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.i586", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-49085", url: "https://www.suse.com/security/cve/CVE-2023-49085", }, { category: "external", summary: "SUSE Bug 1218378 for CVE-2023-49085", url: "https://bugzilla.suse.com/1218378", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 12:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "SUSE Package Hub 15 SP5:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "openSUSE Leap 15.5:cacti-1.2.26-bp155.2.6.1.noarch", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.i586", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Package Hub 12:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "SUSE Package Hub 15 SP5:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "openSUSE Leap 15.5:cacti-1.2.26-bp155.2.6.1.noarch", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.i586", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-01-24T12:47:05Z", details: "important", }, ], title: "CVE-2023-49085", }, { cve: "CVE-2023-49086", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-49086", }, ], notes: [ { category: "general", text: "Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). A vulnerability in versions prior to 1.2.27 bypasses an earlier fix for CVE-2023-39360, therefore leading to a DOM XSS attack. Exploitation of the vulnerability is possible for an authorized user. The vulnerable component is the `graphs_new.php`. The impact of the vulnerability is execution of arbitrary JavaScript code in the attacked user's browser. This issue has been patched in version 1.2.27.\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 12:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "SUSE Package Hub 15 SP5:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "openSUSE Leap 15.5:cacti-1.2.26-bp155.2.6.1.noarch", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.i586", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-49086", url: "https://www.suse.com/security/cve/CVE-2023-49086", }, { category: "external", summary: "SUSE Bug 1218366 for CVE-2023-49086", url: "https://bugzilla.suse.com/1218366", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 12:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "SUSE Package Hub 15 SP5:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "openSUSE Leap 15.5:cacti-1.2.26-bp155.2.6.1.noarch", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.i586", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 12:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "SUSE Package Hub 15 SP5:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "openSUSE Leap 15.5:cacti-1.2.26-bp155.2.6.1.noarch", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.i586", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-01-24T12:47:05Z", details: "moderate", }, ], title: "CVE-2023-49086", }, { cve: "CVE-2023-49088", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-49088", }, ], notes: [ { category: "general", text: "Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in `data_debug.php`. To perform the cross-site scripting attack, the adversary needs to be an authorized cacti user with the following permissions: `General Administration>Sites/Devices/Data`. The victim of this attack could be any account with permissions to view `http://<HOST>/cacti/data_debug.php`. As of time of publication, no complete fix has been included in Cacti.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 12:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "SUSE Package Hub 15 SP5:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "openSUSE Leap 15.5:cacti-1.2.26-bp155.2.6.1.noarch", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.i586", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-49088", url: "https://www.suse.com/security/cve/CVE-2023-49088", }, { category: "external", summary: "SUSE Bug 1218379 for CVE-2023-49088", url: "https://bugzilla.suse.com/1218379", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 12:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "SUSE Package Hub 15 SP5:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "openSUSE Leap 15.5:cacti-1.2.26-bp155.2.6.1.noarch", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.i586", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 12:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "SUSE Package Hub 15 SP5:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "openSUSE Leap 15.5:cacti-1.2.26-bp155.2.6.1.noarch", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.i586", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-01-24T12:47:05Z", details: "moderate", }, ], title: "CVE-2023-49088", }, { cve: "CVE-2023-50250", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-50250", }, ], notes: [ { category: "general", text: "Cacti is an open source operational monitoring and fault management framework. A reflection cross-site scripting vulnerability was discovered in version 1.2.25. Attackers can exploit this vulnerability to perform actions on behalf of other users. The vulnerability is found in `templates_import.php.` When uploading an xml template file, if the XML file does not pass the check, the server will give a JavaScript pop-up prompt, which contains unfiltered xml template file name, resulting in XSS. An attacker exploiting this vulnerability could execute actions on behalf of other users. This ability to impersonate users could lead to unauthorized changes to settings. As of time of publication, no patched versions are available.\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 12:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "SUSE Package Hub 15 SP5:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "openSUSE Leap 15.5:cacti-1.2.26-bp155.2.6.1.noarch", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.i586", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-50250", url: "https://www.suse.com/security/cve/CVE-2023-50250", }, { category: "external", summary: "SUSE Bug 1218380 for CVE-2023-50250", url: "https://bugzilla.suse.com/1218380", }, { category: "external", summary: "SUSE Bug 1224231 for CVE-2023-50250", url: "https://bugzilla.suse.com/1224231", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 12:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "SUSE Package Hub 15 SP5:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "openSUSE Leap 15.5:cacti-1.2.26-bp155.2.6.1.noarch", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.i586", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 12:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "SUSE Package Hub 15 SP5:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "openSUSE Leap 15.5:cacti-1.2.26-bp155.2.6.1.noarch", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.i586", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-01-24T12:47:05Z", details: "moderate", }, ], title: "CVE-2023-50250", }, { cve: "CVE-2023-51448", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-51448", }, ], notes: [ { category: "general", text: "Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection (SQLi) vulnerability within the SNMP Notification Receivers feature in the file `'managers.php'`. An authenticated attacker with the \"Settings/Utilities\" permission can send a crafted HTTP GET request to the endpoint `'/cacti/managers.php'` with an SQLi payload in the `'selected_graphs_array'` HTTP GET parameter. As of time of publication, no patched versions exist.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 12:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "SUSE Package Hub 15 SP5:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "openSUSE Leap 15.5:cacti-1.2.26-bp155.2.6.1.noarch", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.i586", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-51448", url: "https://www.suse.com/security/cve/CVE-2023-51448", }, { category: "external", summary: "SUSE Bug 1218381 for CVE-2023-51448", url: "https://bugzilla.suse.com/1218381", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 12:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "SUSE Package Hub 15 SP5:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "openSUSE Leap 15.5:cacti-1.2.26-bp155.2.6.1.noarch", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.i586", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Package Hub 12:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 12:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "SUSE Package Hub 15 SP5:cacti-1.2.26-bp155.2.6.1.noarch", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.i586", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "SUSE Package Hub 15 SP5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", "openSUSE Leap 15.5:cacti-1.2.26-bp155.2.6.1.noarch", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.aarch64", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.i586", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.ppc64le", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.s390x", "openSUSE Leap 15.5:cacti-spine-1.2.26-bp155.2.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-01-24T12:47:05Z", details: "important", }, ], title: "CVE-2023-51448", }, ], }
opensuse-su-2024:13533-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
cacti-1.2.26-1.1 on GA media
Notes
Title of the patch
cacti-1.2.26-1.1 on GA media
Description of the patch
These are all security issues fixed in the cacti-1.2.26-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-13533
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "cacti-1.2.26-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the cacti-1.2.26-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-13533", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13533-1.json", }, { category: "self", summary: "SUSE CVE CVE-2023-49084 page", url: "https://www.suse.com/security/cve/CVE-2023-49084/", }, { category: "self", summary: "SUSE CVE CVE-2023-49085 page", url: "https://www.suse.com/security/cve/CVE-2023-49085/", }, { category: "self", summary: "SUSE CVE CVE-2023-49086 page", url: "https://www.suse.com/security/cve/CVE-2023-49086/", }, { category: "self", summary: "SUSE CVE CVE-2023-49088 page", url: "https://www.suse.com/security/cve/CVE-2023-49088/", }, { category: "self", summary: "SUSE CVE CVE-2023-50250 page", url: "https://www.suse.com/security/cve/CVE-2023-50250/", }, { category: "self", summary: "SUSE CVE CVE-2023-51448 page", url: "https://www.suse.com/security/cve/CVE-2023-51448/", }, ], title: "cacti-1.2.26-1.1 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:13533-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cacti-1.2.26-1.1.aarch64", product: { name: "cacti-1.2.26-1.1.aarch64", product_id: "cacti-1.2.26-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "cacti-1.2.26-1.1.ppc64le", product: { name: "cacti-1.2.26-1.1.ppc64le", product_id: "cacti-1.2.26-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cacti-1.2.26-1.1.s390x", product: { name: "cacti-1.2.26-1.1.s390x", product_id: "cacti-1.2.26-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "cacti-1.2.26-1.1.x86_64", product: { name: "cacti-1.2.26-1.1.x86_64", product_id: "cacti-1.2.26-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "cacti-1.2.26-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:cacti-1.2.26-1.1.aarch64", }, product_reference: "cacti-1.2.26-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "cacti-1.2.26-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:cacti-1.2.26-1.1.ppc64le", }, product_reference: "cacti-1.2.26-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "cacti-1.2.26-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:cacti-1.2.26-1.1.s390x", }, product_reference: "cacti-1.2.26-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "cacti-1.2.26-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:cacti-1.2.26-1.1.x86_64", }, product_reference: "cacti-1.2.26-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2023-49084", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-49084", }, ], notes: [ { category: "general", text: "Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). While using the detected SQL Injection and insufficient processing of the include file path, it is possible to execute arbitrary code on the server. Exploitation of the vulnerability is possible for an authorized user. The vulnerable component is the `link.php`. Impact of the vulnerability execution of arbitrary code on the server. ", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:cacti-1.2.26-1.1.aarch64", "openSUSE Tumbleweed:cacti-1.2.26-1.1.ppc64le", "openSUSE Tumbleweed:cacti-1.2.26-1.1.s390x", "openSUSE Tumbleweed:cacti-1.2.26-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-49084", url: "https://www.suse.com/security/cve/CVE-2023-49084", }, { category: "external", summary: "SUSE Bug 1218360 for CVE-2023-49084", url: "https://bugzilla.suse.com/1218360", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:cacti-1.2.26-1.1.aarch64", "openSUSE Tumbleweed:cacti-1.2.26-1.1.ppc64le", "openSUSE Tumbleweed:cacti-1.2.26-1.1.s390x", "openSUSE Tumbleweed:cacti-1.2.26-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:cacti-1.2.26-1.1.aarch64", "openSUSE Tumbleweed:cacti-1.2.26-1.1.ppc64le", "openSUSE Tumbleweed:cacti-1.2.26-1.1.s390x", "openSUSE Tumbleweed:cacti-1.2.26-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2023-49084", }, { cve: "CVE-2023-49085", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-49085", }, ], notes: [ { category: "general", text: "Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the `pollers.php` script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the `pollers.php`. Impact of the vulnerability - arbitrary SQL code execution. As of time of publication, a patch does not appear to exist.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:cacti-1.2.26-1.1.aarch64", "openSUSE Tumbleweed:cacti-1.2.26-1.1.ppc64le", "openSUSE Tumbleweed:cacti-1.2.26-1.1.s390x", "openSUSE Tumbleweed:cacti-1.2.26-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-49085", url: "https://www.suse.com/security/cve/CVE-2023-49085", }, { category: "external", summary: "SUSE Bug 1218378 for CVE-2023-49085", url: "https://bugzilla.suse.com/1218378", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:cacti-1.2.26-1.1.aarch64", "openSUSE Tumbleweed:cacti-1.2.26-1.1.ppc64le", "openSUSE Tumbleweed:cacti-1.2.26-1.1.s390x", "openSUSE Tumbleweed:cacti-1.2.26-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:cacti-1.2.26-1.1.aarch64", "openSUSE Tumbleweed:cacti-1.2.26-1.1.ppc64le", "openSUSE Tumbleweed:cacti-1.2.26-1.1.s390x", "openSUSE Tumbleweed:cacti-1.2.26-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2023-49085", }, { cve: "CVE-2023-49086", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-49086", }, ], notes: [ { category: "general", text: "Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). A vulnerability in versions prior to 1.2.27 bypasses an earlier fix for CVE-2023-39360, therefore leading to a DOM XSS attack. Exploitation of the vulnerability is possible for an authorized user. The vulnerable component is the `graphs_new.php`. The impact of the vulnerability is execution of arbitrary JavaScript code in the attacked user's browser. This issue has been patched in version 1.2.27.\n", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:cacti-1.2.26-1.1.aarch64", "openSUSE Tumbleweed:cacti-1.2.26-1.1.ppc64le", "openSUSE Tumbleweed:cacti-1.2.26-1.1.s390x", "openSUSE Tumbleweed:cacti-1.2.26-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-49086", url: "https://www.suse.com/security/cve/CVE-2023-49086", }, { category: "external", summary: "SUSE Bug 1218366 for CVE-2023-49086", url: "https://bugzilla.suse.com/1218366", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:cacti-1.2.26-1.1.aarch64", "openSUSE Tumbleweed:cacti-1.2.26-1.1.ppc64le", "openSUSE Tumbleweed:cacti-1.2.26-1.1.s390x", "openSUSE Tumbleweed:cacti-1.2.26-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:cacti-1.2.26-1.1.aarch64", "openSUSE Tumbleweed:cacti-1.2.26-1.1.ppc64le", "openSUSE Tumbleweed:cacti-1.2.26-1.1.s390x", "openSUSE Tumbleweed:cacti-1.2.26-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-49086", }, { cve: "CVE-2023-49088", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-49088", }, ], notes: [ { category: "general", text: "Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in `data_debug.php`. To perform the cross-site scripting attack, the adversary needs to be an authorized cacti user with the following permissions: `General Administration>Sites/Devices/Data`. The victim of this attack could be any account with permissions to view `http://<HOST>/cacti/data_debug.php`. As of time of publication, no complete fix has been included in Cacti.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:cacti-1.2.26-1.1.aarch64", "openSUSE Tumbleweed:cacti-1.2.26-1.1.ppc64le", "openSUSE Tumbleweed:cacti-1.2.26-1.1.s390x", "openSUSE Tumbleweed:cacti-1.2.26-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-49088", url: "https://www.suse.com/security/cve/CVE-2023-49088", }, { category: "external", summary: "SUSE Bug 1218379 for CVE-2023-49088", url: "https://bugzilla.suse.com/1218379", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:cacti-1.2.26-1.1.aarch64", "openSUSE Tumbleweed:cacti-1.2.26-1.1.ppc64le", "openSUSE Tumbleweed:cacti-1.2.26-1.1.s390x", "openSUSE Tumbleweed:cacti-1.2.26-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:cacti-1.2.26-1.1.aarch64", "openSUSE Tumbleweed:cacti-1.2.26-1.1.ppc64le", "openSUSE Tumbleweed:cacti-1.2.26-1.1.s390x", "openSUSE Tumbleweed:cacti-1.2.26-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-49088", }, { cve: "CVE-2023-50250", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-50250", }, ], notes: [ { category: "general", text: "Cacti is an open source operational monitoring and fault management framework. A reflection cross-site scripting vulnerability was discovered in version 1.2.25. Attackers can exploit this vulnerability to perform actions on behalf of other users. The vulnerability is found in `templates_import.php.` When uploading an xml template file, if the XML file does not pass the check, the server will give a JavaScript pop-up prompt, which contains unfiltered xml template file name, resulting in XSS. An attacker exploiting this vulnerability could execute actions on behalf of other users. This ability to impersonate users could lead to unauthorized changes to settings. As of time of publication, no patched versions are available.\n", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:cacti-1.2.26-1.1.aarch64", "openSUSE Tumbleweed:cacti-1.2.26-1.1.ppc64le", "openSUSE Tumbleweed:cacti-1.2.26-1.1.s390x", "openSUSE Tumbleweed:cacti-1.2.26-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-50250", url: "https://www.suse.com/security/cve/CVE-2023-50250", }, { category: "external", summary: "SUSE Bug 1218380 for CVE-2023-50250", url: "https://bugzilla.suse.com/1218380", }, { category: "external", summary: "SUSE Bug 1224231 for CVE-2023-50250", url: "https://bugzilla.suse.com/1224231", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:cacti-1.2.26-1.1.aarch64", "openSUSE Tumbleweed:cacti-1.2.26-1.1.ppc64le", "openSUSE Tumbleweed:cacti-1.2.26-1.1.s390x", "openSUSE Tumbleweed:cacti-1.2.26-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:cacti-1.2.26-1.1.aarch64", "openSUSE Tumbleweed:cacti-1.2.26-1.1.ppc64le", "openSUSE Tumbleweed:cacti-1.2.26-1.1.s390x", "openSUSE Tumbleweed:cacti-1.2.26-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-50250", }, { cve: "CVE-2023-51448", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-51448", }, ], notes: [ { category: "general", text: "Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection (SQLi) vulnerability within the SNMP Notification Receivers feature in the file `'managers.php'`. An authenticated attacker with the \"Settings/Utilities\" permission can send a crafted HTTP GET request to the endpoint `'/cacti/managers.php'` with an SQLi payload in the `'selected_graphs_array'` HTTP GET parameter. As of time of publication, no patched versions exist.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:cacti-1.2.26-1.1.aarch64", "openSUSE Tumbleweed:cacti-1.2.26-1.1.ppc64le", "openSUSE Tumbleweed:cacti-1.2.26-1.1.s390x", "openSUSE Tumbleweed:cacti-1.2.26-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-51448", url: "https://www.suse.com/security/cve/CVE-2023-51448", }, { category: "external", summary: "SUSE Bug 1218381 for CVE-2023-51448", url: "https://bugzilla.suse.com/1218381", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:cacti-1.2.26-1.1.aarch64", "openSUSE Tumbleweed:cacti-1.2.26-1.1.ppc64le", "openSUSE Tumbleweed:cacti-1.2.26-1.1.s390x", "openSUSE Tumbleweed:cacti-1.2.26-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:cacti-1.2.26-1.1.aarch64", "openSUSE Tumbleweed:cacti-1.2.26-1.1.ppc64le", "openSUSE Tumbleweed:cacti-1.2.26-1.1.s390x", "openSUSE Tumbleweed:cacti-1.2.26-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2023-51448", }, ], }
WID-SEC-W-2023-3221
Vulnerability from csaf_certbund
Published
2023-12-26 23:00
Modified
2024-05-21 22:00
Summary
Cacti: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Cacti ist ein grafisches Frontend zur Visualisierung von statistischen Daten, erfasst durch die Round Robin Database rrdtool.
Angriff
Ein entfernter, anonymer oder authentifizierter Angreifer kann mehrere Schwachstellen in Cacti ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren und beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen oder XSS-Angriffe durchzuführen.
Betroffene Betriebssysteme
- Linux
- MacOS X
- Windows
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Cacti ist ein grafisches Frontend zur Visualisierung von statistischen Daten, erfasst durch die Round Robin Database rrdtool.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer oder authentifizierter Angreifer kann mehrere Schwachstellen in Cacti ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren und beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen oder XSS-Angriffe durchzuführen.", title: "Angriff", }, { category: "general", text: "- Linux\n- MacOS X\n- Windows", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-3221 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3221.json", }, { category: "self", summary: "WID-SEC-2023-3221 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3221", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2024-1915 vom 2024-02-06", url: "https://alas.aws.amazon.com/ALAS-2024-1915.html", }, { category: "external", summary: "Cacti Changelog Information vom 2023-12-26", url: "https://www.cacti.net/info/changelog/1.2.26", }, { category: "external", summary: "Red Hat Bugzilla Security Notification vom 2023-12-26", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2255601", }, { category: "external", summary: "Red Hat Bugzilla Security Notification vom 2023-12-26", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2255605", }, { category: "external", summary: "Red Hat Bugzilla Security Notification vom 2023-12-26", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2255645", }, { category: "external", summary: "Red Hat Bugzilla Security Notification vom 2023-12-26", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2255666", }, { category: "external", summary: "Debian Security Advisory DLA-3765 vom 2024-03-18", url: "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html", }, { category: "external", summary: "Debian Security Advisory DSA-5646 vom 2024-03-24", url: "https://lists.debian.org/debian-security-announce/2024/msg00054.html", }, { category: "external", summary: "Fedora Security Advisory FEDORA-EPEL-2024-17176C2215 vom 2024-05-22", url: "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-17176c2215", }, { category: "external", summary: "Fedora Security Advisory FEDORA-EPEL-2024-D0445178A9 vom 2024-05-22", url: "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-d0445178a9", }, { category: "external", summary: "Fedora Security Advisory FEDORA-EPEL-2024-4EA9DDC0F7 vom 2024-05-22", url: "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-4ea9ddc0f7", }, ], source_lang: "en-US", title: "Cacti: Mehrere Schwachstellen", tracking: { current_release_date: "2024-05-21T22:00:00.000+00:00", generator: { date: "2024-08-15T18:03:11.027+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-3221", initial_release_date: "2023-12-26T23:00:00.000+00:00", revision_history: [ { date: "2023-12-26T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-02-05T23:00:00.000+00:00", number: "2", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2024-03-18T23:00:00.000+00:00", number: "3", summary: "Neue Updates von Debian aufgenommen", }, { date: "2024-03-24T23:00:00.000+00:00", number: "4", summary: "Neue Updates von Debian aufgenommen", }, { date: "2024-05-21T22:00:00.000+00:00", number: "5", summary: "Neue Updates von Fedora aufgenommen", }, ], status: "final", version: "5", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Amazon Linux 2", product: { name: "Amazon Linux 2", product_id: "398363", product_identification_helper: { cpe: "cpe:/o:amazon:linux_2:-", }, }, }, ], category: "vendor", name: "Amazon", }, { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { category: "product_name", name: "Fedora Linux", product: { name: "Fedora Linux", product_id: "74185", product_identification_helper: { cpe: "cpe:/o:fedoraproject:fedora:-", }, }, }, ], category: "vendor", name: "Fedora", }, { branches: [ { branches: [ { category: "product_version_range", name: "<1.2.26", product: { name: "Open Source Cacti <1.2.26", product_id: "T031821", }, }, ], category: "product_name", name: "Cacti", }, ], category: "vendor", name: "Open Source", }, ], }, vulnerabilities: [ { cve: "CVE-2023-49084", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in Cacti. Dieser Fehler besteht in der Datei link.php aufgrund einer unzureichenden Verarbeitung des Pfades der Include-Datei. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle zur Ausführung von beliebigem Code auf dem Server ausnutzen.", }, ], product_status: { known_affected: [ "2951", "398363", "74185", ], }, release_date: "2023-12-26T23:00:00.000+00:00", title: "CVE-2023-49084", }, { cve: "CVE-2023-49085", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Cacti. Diese Fehler bestehen aufgrund eines SQL Injection Problems in der SNMP Notification Receivers Funktion und in der pollers.php Datei. Ein entfernter, authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren und beliebigen Code auszuführen.", }, ], product_status: { known_affected: [ "2951", "398363", "74185", ], }, release_date: "2023-12-26T23:00:00.000+00:00", title: "CVE-2023-49085", }, { cve: "CVE-2023-51448", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Cacti. Diese Fehler bestehen aufgrund eines SQL Injection Problems in der SNMP Notification Receivers Funktion und in der pollers.php Datei. Ein entfernter, authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren und beliebigen Code auszuführen.", }, ], product_status: { known_affected: [ "2951", "398363", "74185", ], }, release_date: "2023-12-26T23:00:00.000+00:00", title: "CVE-2023-51448", }, { cve: "CVE-2023-49086", notes: [ { category: "description", text: "In Cacti existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in mehrere php-Komponenten nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "2951", "398363", "74185", ], }, release_date: "2023-12-26T23:00:00.000+00:00", title: "CVE-2023-49086", }, { cve: "CVE-2023-50569", notes: [ { category: "description", text: "In Cacti existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in mehrere php-Komponenten nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "2951", "398363", "74185", ], }, release_date: "2023-12-26T23:00:00.000+00:00", title: "CVE-2023-50569", }, { cve: "CVE-2023-49088", notes: [ { category: "description", text: "In Cacti existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in templates_import.php und database nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, authentifiziert Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "2951", "398363", "74185", ], }, release_date: "2023-12-26T23:00:00.000+00:00", title: "CVE-2023-49088", }, { cve: "CVE-2023-50250", notes: [ { category: "description", text: "In Cacti existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in templates_import.php und database nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, authentifiziert Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "2951", "398363", "74185", ], }, release_date: "2023-12-26T23:00:00.000+00:00", title: "CVE-2023-50250", }, ], }
wid-sec-w-2023-3221
Vulnerability from csaf_certbund
Published
2023-12-26 23:00
Modified
2024-05-21 22:00
Summary
Cacti: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Cacti ist ein grafisches Frontend zur Visualisierung von statistischen Daten, erfasst durch die Round Robin Database rrdtool.
Angriff
Ein entfernter, anonymer oder authentifizierter Angreifer kann mehrere Schwachstellen in Cacti ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren und beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen oder XSS-Angriffe durchzuführen.
Betroffene Betriebssysteme
- Linux
- MacOS X
- Windows
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Cacti ist ein grafisches Frontend zur Visualisierung von statistischen Daten, erfasst durch die Round Robin Database rrdtool.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer oder authentifizierter Angreifer kann mehrere Schwachstellen in Cacti ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren und beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen oder XSS-Angriffe durchzuführen.", title: "Angriff", }, { category: "general", text: "- Linux\n- MacOS X\n- Windows", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-3221 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3221.json", }, { category: "self", summary: "WID-SEC-2023-3221 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3221", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2024-1915 vom 2024-02-06", url: "https://alas.aws.amazon.com/ALAS-2024-1915.html", }, { category: "external", summary: "Cacti Changelog Information vom 2023-12-26", url: "https://www.cacti.net/info/changelog/1.2.26", }, { category: "external", summary: "Red Hat Bugzilla Security Notification vom 2023-12-26", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2255601", }, { category: "external", summary: "Red Hat Bugzilla Security Notification vom 2023-12-26", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2255605", }, { category: "external", summary: "Red Hat Bugzilla Security Notification vom 2023-12-26", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2255645", }, { category: "external", summary: "Red Hat Bugzilla Security Notification vom 2023-12-26", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2255666", }, { category: "external", summary: "Debian Security Advisory DLA-3765 vom 2024-03-18", url: "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html", }, { category: "external", summary: "Debian Security Advisory DSA-5646 vom 2024-03-24", url: "https://lists.debian.org/debian-security-announce/2024/msg00054.html", }, { category: "external", summary: "Fedora Security Advisory FEDORA-EPEL-2024-17176C2215 vom 2024-05-22", url: "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-17176c2215", }, { category: "external", summary: "Fedora Security Advisory FEDORA-EPEL-2024-D0445178A9 vom 2024-05-22", url: "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-d0445178a9", }, { category: "external", summary: "Fedora Security Advisory FEDORA-EPEL-2024-4EA9DDC0F7 vom 2024-05-22", url: "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-4ea9ddc0f7", }, ], source_lang: "en-US", title: "Cacti: Mehrere Schwachstellen", tracking: { current_release_date: "2024-05-21T22:00:00.000+00:00", generator: { date: "2024-08-15T18:03:11.027+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-3221", initial_release_date: "2023-12-26T23:00:00.000+00:00", revision_history: [ { date: "2023-12-26T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-02-05T23:00:00.000+00:00", number: "2", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2024-03-18T23:00:00.000+00:00", number: "3", summary: "Neue Updates von Debian aufgenommen", }, { date: "2024-03-24T23:00:00.000+00:00", number: "4", summary: "Neue Updates von Debian aufgenommen", }, { date: "2024-05-21T22:00:00.000+00:00", number: "5", summary: "Neue Updates von Fedora aufgenommen", }, ], status: "final", version: "5", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Amazon Linux 2", product: { name: "Amazon Linux 2", product_id: "398363", product_identification_helper: { cpe: "cpe:/o:amazon:linux_2:-", }, }, }, ], category: "vendor", name: "Amazon", }, { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { category: "product_name", name: "Fedora Linux", product: { name: "Fedora Linux", product_id: "74185", product_identification_helper: { cpe: "cpe:/o:fedoraproject:fedora:-", }, }, }, ], category: "vendor", name: "Fedora", }, { branches: [ { branches: [ { category: "product_version_range", name: "<1.2.26", product: { name: "Open Source Cacti <1.2.26", product_id: "T031821", }, }, ], category: "product_name", name: "Cacti", }, ], category: "vendor", name: "Open Source", }, ], }, vulnerabilities: [ { cve: "CVE-2023-49084", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in Cacti. Dieser Fehler besteht in der Datei link.php aufgrund einer unzureichenden Verarbeitung des Pfades der Include-Datei. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle zur Ausführung von beliebigem Code auf dem Server ausnutzen.", }, ], product_status: { known_affected: [ "2951", "398363", "74185", ], }, release_date: "2023-12-26T23:00:00.000+00:00", title: "CVE-2023-49084", }, { cve: "CVE-2023-49085", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Cacti. Diese Fehler bestehen aufgrund eines SQL Injection Problems in der SNMP Notification Receivers Funktion und in der pollers.php Datei. Ein entfernter, authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren und beliebigen Code auszuführen.", }, ], product_status: { known_affected: [ "2951", "398363", "74185", ], }, release_date: "2023-12-26T23:00:00.000+00:00", title: "CVE-2023-49085", }, { cve: "CVE-2023-51448", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Cacti. Diese Fehler bestehen aufgrund eines SQL Injection Problems in der SNMP Notification Receivers Funktion und in der pollers.php Datei. Ein entfernter, authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um vertrauliche Informationen offenzulegen, Dateien zu manipulieren und beliebigen Code auszuführen.", }, ], product_status: { known_affected: [ "2951", "398363", "74185", ], }, release_date: "2023-12-26T23:00:00.000+00:00", title: "CVE-2023-51448", }, { cve: "CVE-2023-49086", notes: [ { category: "description", text: "In Cacti existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in mehrere php-Komponenten nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "2951", "398363", "74185", ], }, release_date: "2023-12-26T23:00:00.000+00:00", title: "CVE-2023-49086", }, { cve: "CVE-2023-50569", notes: [ { category: "description", text: "In Cacti existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in mehrere php-Komponenten nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "2951", "398363", "74185", ], }, release_date: "2023-12-26T23:00:00.000+00:00", title: "CVE-2023-50569", }, { cve: "CVE-2023-49088", notes: [ { category: "description", text: "In Cacti existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in templates_import.php und database nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, authentifiziert Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "2951", "398363", "74185", ], }, release_date: "2023-12-26T23:00:00.000+00:00", title: "CVE-2023-49088", }, { cve: "CVE-2023-50250", notes: [ { category: "description", text: "In Cacti existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in templates_import.php und database nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, authentifiziert Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "2951", "398363", "74185", ], }, release_date: "2023-12-26T23:00:00.000+00:00", title: "CVE-2023-50250", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.