Ubuntu Security Notice USN-6720-1
Ubuntu Security Notice 6720-1 - Kentaro Kawane discovered that Cacti incorrectly handled user provided input sent through request parameters to the graph_view.php script. A remote authenticated attacker could use this issue to perform SQL injection attacks.
==========================================================================
Ubuntu Security Notice USN-6720-1
April 02, 2024

cacti vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS (Available with Ubuntu Pro)

Summary:

Cacti could be made to crash if it received specially crafted input.

Software Description:

- cacti: web interface for graphing of monitoring systems

Details:

Kentaro Kawane discovered that Cacti incorrectly handled user provided
input sent through request parameters to the graph_view.php script.
A remote authenticated attacker could use this issue to perform
SQL injection attacks.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS (Available with Ubuntu Pro):
  cacti    1.2.19+ds1-2ubuntu1+esm1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6720-1
  CVE-2023-39361
Related news
Debian Linux Security Advisory 5550-1 - Multiple security vulnerabilities have been discovered in Cacti, a web interface for graphing of monitoring systems, which could result in cross-site scripting, SQL injection, an open redirect or command injection.
Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graph_view.php. Since guest users can access graph_view.php without authentication by default, if guest users are being utilized in an enabled state, there could be the potential for significant damage. Attackers may exploit this vulnerability, and there may be possibilities for actions such as the usurpation of administrative privileges or remote code execution. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.