Lucene search
Copyright (C) 2024 Greenbone AGOPENVAS:136141256231112202469691HistoryAug 21, 2024 - 12:00 a.m.
Ubuntu: Security Advisory (USN-6969-1)
2024-08-2100:00:00
Copyright (C) 2024 Greenbone AG
plugins.openvas.org
10
ubuntu
cacti
security advisory
usn-6969-1
package
missing update
cve-2024-25641
cve-2024-29894
cve-2024-31443
cve-2024-31444
cve-2024-31445
cve-2024-31458
cve-2024-31459
cve-2024-31460
authentication vulnerability
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
7.2
Confidence
Low
EPSS
0.003
Percentile
70.5%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.12.2024.6969.1");
script_cve_id("CVE-2024-25641", "CVE-2024-29894", "CVE-2024-31443", "CVE-2024-31444", "CVE-2024-31445", "CVE-2024-31458", "CVE-2024-31459", "CVE-2024-31460", "CVE-2024-34340");
script_tag(name:"creation_date", value:"2024-08-21 04:09:29 +0000 (Wed, 21 Aug 2024)");
script_version("2024-08-21T05:05:38+0000");
script_tag(name:"last_modification", value:"2024-08-21 05:05:38 +0000 (Wed, 21 Aug 2024)");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_name("Ubuntu: Security Advisory (USN-6969-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2024 Greenbone AG");
script_family("Ubuntu Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages", re:"ssh/login/release=UBUNTU(14\.04\ LTS|16\.04\ LTS|18\.04\ LTS|20\.04\ LTS|22\.04\ LTS|24\.04\ LTS)");
script_xref(name:"Advisory-ID", value:"USN-6969-1");
script_xref(name:"URL", value:"https://ubuntu.com/security/notices/USN-6969-1");
script_tag(name:"summary", value:"The remote host is missing an update for the 'cacti' package(s) announced via the USN-6969-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"It was discovered that Cacti did not properly apply checks to the 'Package
Import' feature. An attacker could possibly use this issue to perform
arbitrary code execution. This issue only affected Ubuntu 24.04 LTS, Ubuntu
22.04 LTS, Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. (CVE-2024-25641)
It was discovered that Cacti did not properly sanitize values when using
javascript based API. A remote attacker could possibly use this issue to
inject arbitrary javascript code resulting into cross-site scripting
vulnerability. This issue only affected Ubuntu 24.04 LTS. (CVE-2024-29894)
It was discovered that Cacti did not properly sanitize values when managing
data queries. A remote attacker could possibly use this issue to inject
arbitrary javascript code resulting into cross-site scripting
vulnerability. (CVE-2024-31443)
It was discovered that Cacti did not properly sanitize values when reading
tree rules with Automation API. A remote attacker could possibly use this
issue to inject arbitrary javascript code resulting into cross-site
scripting vulnerability. (CVE-2024-31444)
It was discovered that Cacti did not properly sanitize
'get_request_var('filter')' values in the 'api_automation.php' file. A
remote attacker could possibly use this issue to perform SQL injection
attacks. This issue only affected Ubuntu 24.04 LTS, Ubuntu 22.04 LTS,
Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. (CVE-2024-31445)
It was discovered that Cacti did not properly sanitize data stored in
'form_save()' function in the 'graph_template_inputs.php' file. A remote
attacker could possibly use this issue to perform SQL injection attacks.
(CVE-2024-31458)
It was discovered that Cacti did not properly validate the file urls from
the lib/plugin.php file. An attacker could possibly use this issue to
perform arbitrary code execution. (CVE-2024-31459)
It was discovered that Cacti did not properly validate the data stored in
the 'automation_tree_rules.php'. A remote attacker could possibly use this
issue to perform SQL injection attacks. This issue only affected Ubuntu
24.04 LTS, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS and Ubuntu 18.04 LTS.
(CVE-2024-31460)
It was discovered that Cacti did not properly verify the user password.
An attacker could possibly use this issue to bypass authentication
mechanism. This issue only affected Ubuntu 24.04 LTS, Ubuntu 22.04 LTS,
Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. (CVE-2024-34360)");
script_tag(name:"affected", value:"'cacti' package(s) on Ubuntu 14.04, Ubuntu 16.04, Ubuntu 18.04, Ubuntu 20.04, Ubuntu 22.04, Ubuntu 24.04.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "UBUNTU14.04 LTS") {
if(!isnull(res = isdpkgvuln(pkg:"cacti", ver:"0.8.8b+dfsg-5ubuntu0.2+esm2", rls:"UBUNTU14.04 LTS"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "UBUNTU16.04 LTS") {
if(!isnull(res = isdpkgvuln(pkg:"cacti", ver:"0.8.8f+ds1-4ubuntu4.16.04.2+esm2", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "UBUNTU18.04 LTS") {
if(!isnull(res = isdpkgvuln(pkg:"cacti", ver:"1.1.38+ds1-1ubuntu0.1~esm3", rls:"UBUNTU18.04 LTS"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "UBUNTU20.04 LTS") {
if(!isnull(res = isdpkgvuln(pkg:"cacti", ver:"1.2.10+ds1-1ubuntu1.1", rls:"UBUNTU20.04 LTS"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "UBUNTU22.04 LTS") {
if(!isnull(res = isdpkgvuln(pkg:"cacti", ver:"1.2.19+ds1-2ubuntu1.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "UBUNTU24.04 LTS") {
if(!isnull(res = isdpkgvuln(pkg:"cacti", ver:"1.2.26+ds1-1ubuntu0.1", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
osv
osv
cacti vulnerabilities
2024-08-20 11:14:34
Security update for cacti, cacti-spine
2024-09-02 08:09:11
cacti-1.2.27-1.1 on GA media
2024-06-15 00:00:00
ubuntu
ubuntu
Cacti vulnerabilities
2024-08-20 00:00:00
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Cacti vulnerabilities (USN-6969-1)
2024-08-21 00:00:00
openSUSE 15 Security Update : cacti, cacti-spine (openSUSE-SU-2024:0276-1)
2024-09-03 00:00:00
openSUSE 15 Security Update : cacti, cacti-spine (openSUSE-SU-2024:0274-1)
2024-09-03 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3884-1)
2024-09-10 00:00:00
Fedora: Security Advisory (FEDORA-2024-27a594f71d)
2024-06-07 00:00:00
Fedora: Security Advisory for cacti (FEDORA-2024-27a594f71d)
2024-06-07 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: cacti-spine-1.2.27-1.fc39
2024-05-31 02:14:04
[SECURITY] Fedora 39 Update: cacti-1.2.27-1.fc39
2024-05-31 02:14:03
thn
thn
Critical Flaws in Cacti Framework Could Let Attackers Execute Malicious Code
2024-05-14 11:17:00
vulnrichment
vulnrichment
CVE-2024-34360 Previous ATX is not checked to be the newest valid ATX by Smesher when validating incoming ATX
2024-05-10 15:50:05
CVE-2024-31443 Cacti XSS vulnerability in lib/html_tree.php by reading dirty data stored in database
2024-05-13 15:01:44
CVE-2024-31445 SQL Injection vulnerability in automation_get_new_graphs_sql
2024-05-13 15:05:56
veracode
veracode
Improper Check For Unusual Or Exceptional Conditions
2024-05-13 10:15:18
Cross-Site Scripting
2024-05-20 02:38:48
cvelist
cvelist
nvd
nvd
cve
cve
debiancve
debiancve
alpinelinux
alpinelinux
ubuntucve
ubuntucve
github
github
zdt
zdt
Cacti Import Packages Remote Code Execution Exploit
2024-06-13 00:00:00
Cacti 1.2.26 Remote Code Execution Vulnerability
2024-05-15 00:00:00
githubexploit
githubexploit
Exploit for CVE-2024-25641
2024-08-29 06:27:25
Exploit for CVE-2024-25641
2024-08-27 01:19:25
Exploit for CVE-2024-25641
2024-08-27 16:41:39
metasploit
metasploit
Cacti Import Packages RCE
2024-05-22 15:38:53
packetstorm
packetstorm
Cacti Import Packages Remote Code Execution
2024-06-13 00:00:00
Cacti 1.2.26 Remote Code Execution
2024-05-15 00:00:00
rapid7blog
rapid7blog
Metasploit Weekly Wrap-Up 06/14/2024
2024-06-14 19:09:16
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
7.2
Confidence
Low
EPSS
0.003
Percentile
70.5%
Related for OPENVAS:136141256231112202469691