[USN-6720-1] Cacti vulnerability

Severity Critical
Affected Packages 1
CVEs 1

Cacti could be made to crash if it received specially crafted input.

Kentaro Kawane discovered that Cacti incorrectly handled user provided
input sent through request parameters to the graph_view.php script.
A remote authenticated attacker could use this issue to perform
SQL injection attacks.

Package Affected Version
pkg:deb/ubuntu/cacti?distro=jammy < 1.2.19+ds1-2ubuntu1+esm1
ID
USN-6720-1
Severity
critical
URL
https://ubuntu.com/security/notices/USN-6720-1
Published
2024-04-02T11:41:26
(3 weeks ago)
Modified
2024-04-02T11:41:26
(3 weeks ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/cacti?distro=jammy ubuntu cacti < 1.2.19+ds1-2ubuntu1+esm1 jammy
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date
Loading...