[Git][security-tracker-team/security-tracker][master] CVE-2021-26247/cacti

Neil Williams (@codehelp) codehelp at debian.org
Wed Jan 26 10:47:39 GMT 2022



Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bc569792 by Neil Williams at 2022-01-26T10:47:02+00:00
CVE-2021-26247/cacti

Upstream included this fix in the same issue & commit for CVE-2021-3816

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -18207,7 +18207,10 @@ CVE-2021-42554
 CVE-2021-3892
 	REJECTED
 CVE-2021-26247 (As an unauthenticated remote user, visit "http://<CACTI_SERVER>/ ...)
-	TODO: check
+	- cacti 1.2.1+ds1-1
+	NOTE: Addressed as a side-note in the same issue and fix for CVE-2021-3816
+	NOTE: https://github.com/Cacti/cacti/issues/1882
+	NOTE: Fixed by: https://github.com/Cacti/cacti/commit/2b8097c06030ab72c5b3bdadb23dceb5332f0e94 (1.2.0-beta1)
 CVE-2021-23225 (Cacti 1.1.38 allows authenticated users with User Management permissio ...)
 	- cacti 1.2.1+ds1-1
 	NOTE: https://github.com/Cacti/cacti/issues/1882



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc569792fc0e7c13ddd5a2ef77ecb0a85d18acc3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc569792fc0e7c13ddd5a2ef77ecb0a85d18acc3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220126/c32447e7/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list