6 matches found
CVE-2019-16723
In Cacti through 1.2.6, authenticated users may bypass authorization checks for viewing a graph via a direct graphjson.php request with a modified localgraphid parameter...
CVE-2019-16723
In Cacti through 1.2.6, authenticated users may bypass authorization checks for viewing a graph via a direct graphjson.php request with a modified localgraphid parameter...
CVE-2019-16723
In Cacti through 1.2.6, authenticated users may bypass authorization checks for viewing a graph via a direct graphjson.php request with a modified localgraphid parameter...
Authorization
In Cacti through 1.2.6, authenticated users may bypass authorization checks for viewing a graph via a direct graphjson.php request with a modified localgraphid parameter...
CVE-2019-16723
CVE-2019-16723 affects Cacti until 1.2.6. An authenticated user can bypass authorization to view a graph by calling graph_json.php with a modified local_graph_id, effectively an IDOR-style flaw. Remediation per connected sources is to upgrade to a fixed release (examples include Cacti 1.2.9+; som...
CVE-2019-16723
In Cacti through 1.2.6, authenticated users may bypass authorization checks for viewing a graph via a direct graphjson.php request with a modified localgraphid parameter...