Debian Cacti vulnerabilities

160 known vulnerabilities affecting debian/cacti.

Total CVEs: 160
CISA KEV: 1 (actively exploited)
Public exploits: 26
Exploited in wild: 2
Severity breakdown: CRITICAL 10, HIGH 50, MEDIUM 72, LOW 28

Vulnerabilities

Page 2 of 8
CVE-2024-31444 | MEDIUM | CVSS 4.6 | fixed in cacti 1.2.24+ds1-1+deb12u3 (bookworm) | 2024
[MEDIUM] cacti - Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `automation_tree_rules_form_save()` function in `automation_tree_rules.php` is not thoroughly checked and is used to concatenate the HTML statement in `form_confirm()` function from `lib/html.php`, finally resulting in cross-site scripting. V
debian

CVE-2024-31443 | MEDIUM | CVSS 5.7 | fixed in cacti 1.2.24+ds1-1+deb12u3 (bookworm) | 2024
[MEDIUM] cacti - Cacti provides an operational monitoring and fault management framework. Prior to 1.2.27, some of the data stored in `form_save()` function in `data_queries.php` is not thoroughly checked and is used to concatenate the HTML statement in `grow_right_pane_tree()` function from `lib/html.php`, finally resulting in cross-site scripting. Version 1.2.27 contains a patch
debian

CVE-2024-29894 | MEDIUM | CVSS 5.4 | fixed in cacti 1.2.24+ds1-1+deb12u3 (bookworm) | 2024
[MEDIUM] cacti - Cacti provides an operational monitoring and fault management framework. Versions of Cacti prior to 1.2.27 contain a residual cross-site scripting vulnerability caused by an incomplete fix for CVE-2023-50250. `raise_message_javascript` from `lib/functions.php` now uses purify.js to fix CVE-2023-50250 (among others). However, it still generates the code out of unesca
debian

CVE-2024-31460 | MEDIUM | CVSS 6.5 | fixed in cacti 1.2.24+ds1-1+deb12u3 (bookworm) | 2024
[MEDIUM] cacti - Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `automation_tree_rules.php` is not thoroughly checked and is used to concatenate the SQL statement in `create_all_header_nodes()` function from `lib/api_automation.php`, finally resulting in SQL injection. Using SQL based secondary injection
debian

CVE-2024-54146 | LOW | CVSS 7.6 | fixed in cacti 1.2.28+ds1-4 (forky) | 2024
[HIGH] cacti - Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the template function of host_templates.php using the graph_template parameter. This vulnerability is fixed in 1.2.29. Scope: local; bookworm: resolved; bullseye: resolved; forky: resolved (fixed in 1.2.28+ds1-4); sid: resolved (fixed in 1.2.28+ds1-4); trixie: res
debian

CVE-2024-30268 | LOW | CVSS 6.1 | 2024
[MEDIUM] cacti - Cacti provides an operational monitoring and fault management framework. A reflected cross-site scripting vulnerability on the 1.3.x DEV branch allows attackers to obtain cookies of administrator and other users and fake their login using obtained cookies. This issue is fixed in commit a38b9046e9772612fda847b46308f9391a49891e. Scope: local; bookworm: resolved; bullsey
debian

CVE-2024-29895 | LOW | CVSS 10.0 | PoC | 2024
[CRITICAL] cacti - Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary command on the server when `register_argc_argv` option of PHP is `On`. In `cmd_realtime.php` line 119, the `$poller_id` used as part of the command execution is sourced from `$_SERVE
debian

CVE-2023-39361 | CRITICAL | CVSS 9.8 | PoC | fixed in cacti 1.2.24+ds1-1+deb12u1 (bookworm) | 2023
[CRITICAL] cacti - Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graph_view.php. Since guest users can access graph_view.php without authentication by default, if guest users are being utilized in an enabled state, there could be the potential for significant damage. Attackers may exploit
debian

CVE-2023-49084 | HIGH | CVSS 8.0 | PoC | fixed in cacti 1.2.24+ds1-1+deb12u2 (bookworm) | 2023
[HIGH] cacti - Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). While using the detected SQL Injection and insufficient processing of the include file path, it is possible to execute arbitrary code on the server. Exploitation of the vulnerability is possible for an authorized user. The vulnerable component is the
debian

CVE-2023-39358 | HIGH | CVSS 8.8 | fixed in cacti 1.2.24+ds1-1+deb12u1 (bookworm) | 2023
[HIGH] cacti - Cacti is an open source operational monitoring and fault management framework. An authenticated SQL injection vulnerability was discovered which allows authenticated users to perform privilege escalation and remote code execution. The vulnerability resides in the `reports_user.php` file. In `ajax_get_branches`, the `tree_id` parameter is passed to the `reports_get_bra
debian

CVE-2023-39359 | HIGH | CVSS 8.8 | fixed in cacti 1.2.24+ds1-1+deb12u1 (bookworm) | 2023
[HIGH] cacti - Cacti is an open source operational monitoring and fault management framework. An authenticated SQL injection vulnerability was discovered which allows authenticated users to perform privilege escalation and remote code execution. The vulnerability resides in the `graphs.php` file. When dealing with the cases of ajax_hosts and ajax_hosts_noany, if the `site_id` parame
debian

CVE-2023-39362 | HIGH | CVSS 7.2 | PoC | fixed in cacti 1.2.24+ds1-1+deb12u1 (bookworm) | 2023
[HIGH] cacti - Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, under certain conditions, an authenticated privileged user can use a malicious string in the SNMP options of a Device, performing command injection and obtaining remote code execution on the underlying server. The `lib/snmp.php` file has a set of functions, with similar be
debian

CVE-2023-39357 | HIGH | CVSS 8.8 | fixed in cacti 1.2.24+ds1-1+deb12u1 (bookworm) | 2023
[HIGH] cacti - Cacti is an open source operational monitoring and fault management framework. A defect in the sql_save function was discovered. When the column type is numeric, the sql_save function directly utilizes user input. Many files and functions calling the sql_save function do not perform prior validation of user input, leading to the existence of multiple SQL injection vul
debian

CVE-2023-49085 | HIGH | CVSS 8.8 | PoC | fixed in cacti 1.2.24+ds1-1+deb12u2 (bookworm) | 2023
[HIGH] cacti - Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the `pollers.php` script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the `pollers.php`. Impact of the vulnerability - arbitrary SQL code execution. As of time of publi
debian

CVE-2023-39516 | MEDIUM | CVSS 6.1 | fixed in cacti 1.2.24+ds1-1+deb12u1 (bookworm) | 2023
[MEDIUM] cacti - Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-t
debian

CVE-2023-39514 | MEDIUM | CVSS 6.1 | fixed in cacti 1.2.24+ds1-1+deb12u1 (bookworm) | 2023
[MEDIUM] cacti - Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-t
debian

CVE-2023-50250 | MEDIUM | CVSS 5.4 | fixed in cacti 1.2.24+ds1-1+deb12u2 (bookworm) | 2023
[MEDIUM] cacti - Cacti is an open source operational monitoring and fault management framework. A reflection cross-site scripting vulnerability was discovered in version 1.2.25. Attackers can exploit this vulnerability to perform actions on behalf of other users. The vulnerability is found in `templates_import.php`. When uploading an xml template file, if the XML file does not pass
debian

CVE-2023-30534 | MEDIUM | CVSS 4.3 | PoC | fixed in cacti 1.2.25+ds1-1 (forky) | 2023
[MEDIUM] cacti - Cacti is an open source operational monitoring and fault management framework. There are two instances of insecure deserialization in Cacti version 1.2.24. While a viable gadget chain exists in Cacti's vendor directory (phpseclib), the necessary gadgets are not included, making them inaccessible and the insecure deserializations not exploitable. Each instance of ins
debian

CVE-2023-49088 | MEDIUM | CVSS 6.1 | fixed in cacti 1.2.24+ds1-1+deb12u2 (bookworm) | 2023
[MEDIUM] cacti - Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in `data_debug.php`. To perform the cross-site scripting attack, the adve
debian

CVE-2023-46490 | MEDIUM | CVSS 6.5 | fixed in cacti 1.2.26+ds1-1 (forky) | 2023
[MEDIUM] cacti - SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker to obtain sensitive information via the form_actions() function in the managers.php function. Scope: local; bookworm: open; bullseye: open; forky: resolved (fixed in 1.2.26+ds1-1); sid: resolved (fixed in 1.2.26+ds1-1); trixie: resolved (fixed in 1.2.26+ds1-1)
debian