Описание
In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs).
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| cacti | fixed | 1.2.11+ds1-1 | package | |
| cacti | fixed | 1.2.2+ds1-2+deb10u3 | buster | package |
Примечания
https://github.com/Cacti/cacti/issues/3343
EPSS
Процентиль: 74%
0.00799
Низкий
Связанные уязвимости
CVSS3: 4.3
ubuntu
больше 5 лет назад
In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs).
CVSS3: 4.3
nvd
больше 5 лет назад
In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs).
CVSS3: 4.3
github
больше 3 лет назад
In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs).
EPSS
Процентиль: 74%
0.00799
Низкий