CVE-2023-39361

Source: Ubuntu CVE tracker (ubuntu.com)
Published: 2023-09-05

Tags: cacti, sql injection, unauthenticated access, administrative privileges, remote code execution, upgrade, vulnerability, security

CVSS v3.1 base score: 9.8 (High)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality Impact: High
Integrity Impact: High
Availability Impact: High

EPSS score: 0.533 (Medium), percentile 97.6%

Cacti is an open source operational monitoring and fault management
framework. Affected versions contain a SQL injection in graph_view.php. By
default the guest user can reach graph_view.php without authenticating, so on
an installation where the guest account is enabled the injection is exposed to
unauthenticated remote attackers, with the potential for significant damage:
an attacker may be able to exploit it to take over administrative privileges
or achieve remote code execution. The issue is fixed in Cacti 1.2.25 and users
are advised to upgrade; there are no known workarounds.

Notes

Author note
Priority reason: The vulnerable page can be accessed without authentication by default and the vulnerability can be exploited remotely and lead to code execution.

alexmurray: This was introduced upstream via https://github.com/Cacti/cacti/commit/36269461cb9b03581ad5d7f6ddbc085a28fb9c37 and so only 1.2.19 and later were affected.
Affected packages

OS      Version  Architecture  Package  Affected version              Filename
ubuntu  22.04    noarch        cacti    < 1.2.19+ds1-2ubuntu1+esm1    UNKNOWN
ubuntu  23.10    noarch        cacti    < 1.2.25+ds1-2                UNKNOWN
ubuntu  24.04    noarch        cacti    < 1.2.25+ds1-2                UNKNOWN
