Debian 9: DLA-2965-1 Critical: Cacti Authentication Bypass and XSS
debian lts
March 29, 2022
Multiple vulnerabilities were discovered in Cacti, a web interface for graphing of monitoring systems, leading to authentication bypass and cross-site scripting (XSS)
Summary
CVE-2018-10060
Cacti has XSS because it does not properly reject unintended
characters, related to use of the sanitize_uri function in
lib/functions.php.
CVE-2018-10061
Cacti has XSS because it makes certain htmlspecialchars calls
without the ENT_QUOTES flag (these calls occur when the
html_escape function in lib/html.php is not used).
CVE-2019-11025
No escaping occurs before printing out the value of the SNMP
community string (SNMP Options) in the View poller cache, leading
to XSS.
CVE-2020-7106
Cacti has stored XSS in multiple files as demonstrated by the
description parameter in data_sources.php (a raw string from the
database that is displayed by $header to trigger the XSS).
CVE-2020-13230
Disabling a user account does not immediately invalidate any
permissions granted to that account (e.g., permission to view
logs).
CVE-2020-23226
Multiple Cross Site Scripting (XSS) vulnerabilities exist in
multiple files.
CVE-2021-23225
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: cacti
Version: 0.8.8h+ds1-10+deb9u2
CVE ID: CVE-2018-10060 CVE-2018-10061 CVE-2019-11025 CVE-2020-7106
Debian Bug: 926700 949996
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!