CVE-2023-39361
Published: 5 September 2023
Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graph_view.php. Since guest users can access graph_view.php without authentication by default, if guest users are being utilized in an enabled state, there could be the potential for significant damage. Attackers may exploit this vulnerability, and there may be possibilities for actions such as the usurpation of administrative privileges or remote code execution. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Notes
Author | Note |
---|---|
Priority reason: The vulnerable page can be accessed without authentication by default and the vulnerability can be exploited remotely and lead to code execution. |
|
alexmurray | This was introduced upstream via https://github.com/Cacti/cacti/commit/36269461cb9b03581ad5d7f6ddbc085a28fb9c37 and so only 1.2.19 and later were affected. |
Priority
Status
Package | Release | Status |
---|---|---|
cacti Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code not present)
|
focal |
Not vulnerable
(code not present)
|
|
jammy |
Released
(1.2.19+ds1-2ubuntu1+esm1)
Available with Ubuntu Pro |
|
lunar |
Ignored
(end of life, was needed)
|
|
mantic |
Released
(1.2.25+ds1-2)
|
|
noble |
Released
(1.2.25+ds1-2)
|
|
trusty |
Not vulnerable
(code not present)
|
|
upstream |
Released
(1.2.25+ds1-1)
|
|
xenial |
Not vulnerable
(code not present)
|
|
Patches: upstream: https://github.com/cacti/cacti/commit/4246aee6310846d0e106bd05279e54fff3765822 |
Severity score breakdown
Parameter | Value |
---|---|
Base score | 9.8 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |