Debian Cacti vulnerabilities

160 known vulnerabilities affecting debian/cacti.

Total CVEs: 160
CISA KEV: 1 (actively exploited)
Public exploits: 26
Exploited in wild: 2
Severity breakdown: CRITICAL 10, HIGH 50, MEDIUM 72, LOW 28

Vulnerabilities

Page 3 of 8
CVE-2023-39510 | MEDIUM | CVSS 6.1 | fixed in cacti 1.2.24+ds1-1+deb12u1 (bookworm) | 2023
[MEDIUM] cacti: Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-time. T
Source: debian

CVE-2023-49086 | MEDIUM | CVSS 6.1 | fixed in cacti 1.2.24+ds1-1+deb12u2 (bookworm) | 2023
[MEDIUM] cacti: Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). A vulnerability in versions prior to 1.2.27 bypasses an earlier fix for CVE-2023-39360, therefore leading to a DOM XSS attack. Exploitation of the vulnerability is possible for an authorized user. The vulnerable component is the `graphs_new.php`. T
Source: debian

CVE-2023-39360 | MEDIUM | CVSS 6.1 | fixed in cacti 1.2.24+ds1-1+deb12u2 (bookworm) | 2023
[MEDIUM] cacti: Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data. The vulnerability is found in `graphs_new.php`. Several validations are performed, but the `returnto` parameter is directly passed to `form_save_button`. In order
Source: debian

CVE-2023-39366 | MEDIUM | CVSS 6.1 | fixed in cacti 1.2.24+ds1-1+deb12u1 (bookworm) | 2023
[MEDIUM] cacti: Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-time. T
Source: debian

CVE-2023-39365 | MEDIUM | CVSS 4.6 | fixed in cacti 1.2.24+ds1-1+deb12u1 (bookworm) | 2023
[MEDIUM] cacti: Cacti is an open source operational monitoring and fault management framework. Issues with Cacti Regular Expression validation combined with the external links feature can lead to limited SQL Injections and subsequent data leakage. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability. Sc
Source: debian

CVE-2023-39513 | MEDIUM | CVSS 6.1 | fixed in cacti 1.2.24+ds1-1+deb12u2 (bookworm) | 2023
[MEDIUM] cacti: Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-t
Source: debian

CVE-2023-39515 | MEDIUM | CVSS 6.1 | fixed in cacti 1.2.24+ds1-1+deb12u1 (bookworm) | 2023
[MEDIUM] cacti: Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti accounts and execute JavaScript code in the victim's browser at view-time. The s
Source: debian

CVE-2023-39512 | MEDIUM | CVSS 6.1 | fixed in cacti 1.2.24+ds1-1+deb12u1 (bookworm) | 2023
[MEDIUM] cacti: Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-t
Source: debian

CVE-2023-39511 | MEDIUM | CVSS 6.1 | fixed in cacti 1.2.24+ds1-1+deb12u1 (bookworm) | 2023
[MEDIUM] cacti: Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-t
Source: debian

CVE-2023-37543 | MEDIUM | CVSS 4.3 | fixed in cacti 1.2.6+ds1-1 (bookworm) | 2023
[MEDIUM] cacti: Cacti before 1.2.6 allows IDOR (Insecure Direct Object Reference) for accessing any graph via a modified local_graph_id parameter to graph_xport.php. This is a different vulnerability than CVE-2019-16723. Scope: local. bookworm: resolved (fixed in 1.2.6+ds1-1); bullseye: resolved (fixed in 1.2.6+ds1-1); forky: resolved (fixed in 1.2.6+ds1-1); sid: resolved (fixed in 1.2
Source: debian

CVE-2023-51448 | LOW | CVSS 8.8 | fixed in cacti 1.2.26+ds1-1 (forky) | 2023
[HIGH] cacti: Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection (SQLi) vulnerability within the SNMP Notification Receivers feature in the file `managers.php`. An authenticated attacker with the "Settings/Utilities" permission can send a crafted HTTP GET request to the endpoint `/cacti/managers.php` with an SQLi pa
Source: debian

CVE-2023-39364 | LOW | CVSS 3.5 | fixed in cacti 1.2.24+ds1-1+deb12u1 (bookworm) | 2023
[LOW] cacti: Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, users with console access can be redirected to an arbitrary website after a change password performed via a specifically crafted URL. The `auth_changepassword.php` file accepts `ref` as a URL parameter and reflects it in the form used to perform the change password. It's val
Source: debian

CVE-2023-31132 | LOW | CVSS 7.8 | 2023
[HIGH] cacti: Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a privilege escalation vulnerability. A low-privileged OS user with access to a Windows host where Cacti is installed can create arbitrary PHP files in a web document directory. The user can then execute the PHP files under the security context of SYSTEM. Th
Source: debian

CVE-2022-46169 | CRITICAL | CVSS 9.8 | KEV | PoC | fixed in cacti 1.2.22+ds1-3 (bookworm) | 2022
[CRITICAL] cacti: Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored device. The vulnerability resides
Source: debian

CVE-2022-0730 | CRITICAL | CVSS 9.8 | fixed in cacti 1.2.20+ds1-1 (bookworm) | 2022
[CRITICAL] cacti: Under certain LDAP conditions, Cacti authentication can be bypassed with certain credential types. Scope: local. bookworm: resolved (fixed in 1.2.20+ds1-1); bullseye: resolved (fixed in 1.2.16+ds1-2+deb11u1); forky: resolved (fixed in 1.2.20+ds1-1); sid: resolved (fixed in 1.2.20+ds1-1); trixie: resolved (fixed in 1.2.20+ds1-1)
Source: debian

CVE-2022-48547 | MEDIUM | CVSS 6.1 | fixed in cacti 0.8.7i-1 (bookworm) | 2022
[MEDIUM] cacti: A reflected cross-site scripting (XSS) vulnerability in Cacti 0.8.7g and earlier allows unauthenticated remote attackers to inject arbitrary web script or HTML in the "ref" parameter at auth_changepassword.php. Scope: local. bookworm: resolved (fixed in 0.8.7i-1); bullseye: resolved (fixed in 0.8.7i-1); forky: resolved (fixed in 0.8.7i-1); sid: resolved (fixed in 0.8.7i
Source: debian

CVE-2022-41444 | MEDIUM | CVSS 6.1 | fixed in cacti 1.2.22+ds1-1 (bookworm) | 2022
[MEDIUM] cacti: Cross Site Scripting (XSS) vulnerability in Cacti 1.2.21 via crafted POST request to graphs_new.php. Scope: local. bookworm: resolved (fixed in 1.2.22+ds1-1); bullseye: resolved (fixed in 1.2.16+ds1-2+deb11u4); forky: resolved (fixed in 1.2.22+ds1-1); sid: resolved (fixed in 1.2.22+ds1-1); trixie: resolved (fixed in 1.2.22+ds1-1)
Source: debian

CVE-2022-48538 | LOW | CVSS 5.3 | fixed in cacti 1.2.23+ds1-1 (bookworm) | 2022
[MEDIUM] cacti: In Cacti 1.2.19, there is an authentication bypass in the web login functionality because of improper validation in the PHP code: cacti_ldap_auth() allows a zero as the password. Scope: local. bookworm: resolved (fixed in 1.2.23+ds1-1); bullseye: open; forky: resolved (fixed in 1.2.23+ds1-1); sid: resolved (fixed in 1.2.23+ds1-1); trixie: resolved (fixed in 1.2.23+ds1-1)
Source: debian

CVE-2021-26247 | MEDIUM | CVSS 6.1 | PoC | fixed in cacti 0.8.7i-1 (bookworm) | 2021
[MEDIUM] cacti: As an unauthenticated remote user, visit "http://<CACTI_SERVER>/auth_changepassword.php?ref=alert(1)" to successfully execute the JavaScript payload present in the "ref" URL parameter. Scope: local. bookworm: resolved (fixed in 0.8.7i-1); bullseye: resolved (fixed in 0.8.7i-1); forky: resolved (fixed in 0.8.7i-1); sid: resolved (fixed in 0.8.7i-1); trixie: resolved (fixed in 0.8.7i-1)
Source: debian

CVE-2021-3816 | MEDIUM | CVSS 5.4 | fixed in cacti 1.2.1+ds1-1 (bookworm) | 2021
[MEDIUM] cacti: Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary HTML in the group_prefix field during the creation of a new group via "Copy" method at user_group_admin.php. Scope: local. bookworm: resolved (fixed in 1.2.1+ds1-1); bullseye: resolved (fixed in 1.2.1+ds1-1); forky: resolved (fixed in 1.2.1+ds1-1); sid: resolved (fixed in 1.2.1+ds
Source: debian