Free and open-source vulnerability scanner
Mageni simplifies the vulnerability scanning, assessment, and management process. It is free and open-source.
Debian LTS: Security Advisory for cacti (DLA-2965-1)
Summary
The remote host is missing an update for the 'cacti' package(s) announced via the DLA-2965-1 advisory.
Insight
Multiple vulnerabilities were discovered in Cacti, a web interface for graphing data from monitoring systems, leading to authentication bypass and cross-site scripting (XSS). Under certain conditions an attacker may gain access to unauthorized areas and impersonate other users.
CVE-2018-10060: Cacti has XSS because it does not properly reject unintended characters, related to the use of the sanitize_uri function in lib/functions.php.
CVE-2018-10061: Cacti has XSS because it makes certain htmlspecialchars calls without the ENT_QUOTES flag (these calls occur when the html_escape function in lib/html.php is not used).
CVE-2019-11025: No escaping occurs before printing out the value of the SNMP community string (SNMP Options) in the View poller cache, leading to XSS.
CVE-2020-7106: Cacti has stored XSS in multiple files, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed via $header to trigger the XSS).
CVE-2020-13230: Disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs).
CVE-2020-23226: Multiple cross-site scripting (XSS) vulnerabilities exist in multiple files.
CVE-2021-23225: Cacti allows authenticated users with User Management permissions to inject arbitrary web script or HTML in the 'new_username' field during creation of a new user via the 'Copy' method at user_admin.php.
CVE-2022-0730: Under certain LDAP conditions, Cacti authentication can be bypassed with certain credential types.
Affected Software
'cacti' package(s) on Debian Linux.
Detection Method
Checks if a vulnerable package version is present on the target host.
Solution
For Debian 9 stretch, these problems have been fixed in version 0.8.8h+ds1-10+deb9u2. We recommend that you upgrade your cacti packages.