9 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-39364
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, users with console access can be redirected to an arbitrary...
[SECURITY] [DLA 3765-1] cacti security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3765-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler March 18, 2024 https://wiki.debian.org/LTS -...
Debian DSA-5550-1 : cacti - security update
The remote Debian 11 / 12 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5550 advisory. Multiple security vulnerabilities have been discovered in Cacti, a web interface for graphing of monitoring systems, which could result in cross-site...
[SECURITY] [DSA 5550-1] cacti security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5550-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 08, 2023 https://www.debian.org/security/faq -...
Fedora: Security Advisory (FEDORA-2023-248dff7cbe)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for cacti (FEDORA-2023-6335ea9c0c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for cacti-spine (FEDORA-2023-06a2a6e03c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for cacti (FEDORA-2023-06a2a6e03c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-39364
CVE-2023-39364 (Cacti 1.2.24) describes an open redirect flaw where the auth_changepassword.php script accepts a URL parameter ref and reflects it in the password-change form, using it to redirect via header. This allows users with console access to be redirected to an arbitrary website after ini...