Описание
In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs).
In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs).
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-13230
- https://github.com/Cacti/cacti/issues/3343
- https://github.com/Cacti/cacti/releases/tag/release%2F1.2.11
- https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ICJMWSY77IIGZYR6FE6NAQZFBO42VECO
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q3PCDGNELH7HEBIXRNT5J5EWQEXQAU6B
Связанные уязвимости
CVSS3: 4.3
ubuntu
больше 5 лет назад
In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs).
CVSS3: 4.3
nvd
больше 5 лет назад
In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs).
CVSS3: 4.3
debian
больше 5 лет назад
In Cacti before 1.2.11, disabling a user account does not immediately ...