[Pkg-cacti-maint] Bug#1059254: cacti: CVE-2023-49084 CVE-2023-49086
Moritz Mühlenhoff
jmm at inutil.org
Fri Dec 22 08:38:53 GMT 2023
Source: cacti
X-Debbugs-CC: team at security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerabilities were published for cacti.
CVE-2023-49084[0]:
| Cacti is a robust performance and fault management framework and a
| frontend to RRDTool - a Time Series Database (TSDB). While using the
| detected SQL Injection and insufficient processing of the include
| file path, it is possible to execute arbitrary code on the server.
| Exploitation of the vulnerability is possible for an authorized
| user. The vulnerable component is the `link.php`. Impact of the
| vulnerability execution of arbitrary code on the server.
https://github.com/Cacti/cacti/commit/58a980f335980ab57659420053d89d4e721ae3fc
CVE-2023-49086[1]:
| Cacti is a robust performance and fault management framework and a
| frontend to RRDTool - a Time Series Database (TSDB). Bypassing an
| earlier fix (CVE-2023-39360) that leads to a DOM XSS attack.
| Exploitation of the vulnerability is possible for an authorized
| user. The vulnerable component is the `graphs_new.php`. Impact of
| the vulnerability - execution of arbitrary javascript code in the
| attacked user's browser. This issue has been patched in version
| 1.2.26.
https://github.com/Cacti/cacti/security/advisories/GHSA-wc73-r2vw-59pr
I think https://github.com/Cacti/cacti/commit/58a980f335980ab57659420053d89d4e721ae3fc
should address both, but please doublecheck.
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2023-49084
https://www.cve.org/CVERecord?id=CVE-2023-49084
[1] https://security-tracker.debian.org/tracker/CVE-2023-49086
https://www.cve.org/CVERecord?id=CVE-2023-49086
Please adjust the affected versions in the BTS as needed.
More information about the Pkg-cacti-maint
mailing list