Lucene search
K

The vulnerability of the Cacti network monitoring software lies in the lack of security measures for the website structure. This allows attackers to execute XSS attacks and execute arbitrary code.

🗓️ 29 May 2024 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType 
bdu_fstec
 bdu_fstec
🔗 bdu.fstec.ru👁 4 Views

Cacti web interface lacks security for its structure, enabling cross site scripting and arbitrary code execution.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
AlpineLinux
CVE-2023-49086
21 Dec 202323:29
alpinelinux
Circl
CVE-2023-49086
22 Dec 202301:21
circl
CNNVD
Cacti 跨站脚本漏洞
21 Dec 202300:00
cnnvd
CNVD
Cacti cross-site scripting vulnerability (CNVD-2023-10109007)
25 Dec 202300:00
cnvd
CVE
CVE-2023-49086
21 Dec 202323:29
cve
Cvelist
CVE-2023-49086 Cacti is vulnerable to cross-Site scripting (XSS) DOM
21 Dec 202323:29
cvelist
Debian
[SECURITY] [DLA 3765-1] cacti security update
18 Mar 202418:26
debian
Debian
[SECURITY] [DSA 5646-1] cacti security update
24 Mar 202413:01
debian
Debian CVE
CVE-2023-49086
21 Dec 202323:29
debiancve
Tenable Nessus
Debian dla-3765 : cacti - security update
18 Mar 202400:00
nessus
Rows per page
Vulners
Node
cacti_groupcactiRange<1.2.27

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

29 May 2024 00:00Current
6.2Medium risk
Vulners AI Score6.2
CVSS 36.1
CVSS 26.4
EPSS0.01481
4