Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-30534

Опубликовано: 05 сент. 2023
Источник: nvd
CVSS3: 4.3
CVSS3: 4.3
EPSS Средний

Описание

Cacti is an open source operational monitoring and fault management framework. There are two instances of insecure deserialization in Cacti version 1.2.24. While a viable gadget chain exists in Cacti’s vendor directory (phpseclib), the necessary gadgets are not included, making them inaccessible and the insecure deserializations not exploitable. Each instance of insecure deserialization is due to using the unserialize function without sanitizing the user input. Cacti has a “safe” deserialization that attempts to sanitize the content and check for specific values before calling unserialize, but it isn’t used in these instances. The vulnerable code lies in graphs_new.php, specifically within the host_new_graphs_save function. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*
Версия до 1.2.25 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*

EPSS

Процентиль: 97%
0.41972
Средний

4.3 Medium

CVSS3

4.3 Medium

CVSS3

Дефекты

CWE-502
CWE-502

Связанные уязвимости

ubuntu логотип

CVE-2023-30534

CVSS3: 4.3
ubuntu
больше 2 лет назад

Cacti is an open source operational monitoring and fault management framework. There are two instances of insecure deserialization in Cacti version 1.2.24. While a viable gadget chain exists in Cacti’s vendor directory (phpseclib), the necessary gadgets are not included, making them inaccessible and the insecure deserializations not exploitable. Each instance of insecure deserialization is due to using the unserialize function without sanitizing the user input. Cacti has a “safe” deserialization that attempts to sanitize the content and check for specific values before calling unserialize, but it isn’t used in these instances. The vulnerable code lies in graphs_new.php, specifically within the host_new_graphs_save function. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.

debian логотип

CVE-2023-30534

CVSS3: 4.3
debian
больше 2 лет назад

Cacti is an open source operational monitoring and fault management fr ...

fstec логотип

BDU:2023-05455

CVSS3: 4.3
fstec
больше 2 лет назад

Уязвимость функции host_new_graphs_save() (graphs_new.php) программного средства мониторинга сети Cacti, позволяющая нарушителю выполнить произвольный код

suse-cvrf логотип

openSUSE-SU-2023:0275-1

suse-cvrf
больше 2 лет назад

Security update for cacti, cacti-spine

EPSS

Процентиль: 97%
0.41972
Средний

4.3 Medium

CVSS3

4.3 Medium

CVSS3

Дефекты

CWE-502
CWE-502