Description
Security update for cacti, cacti-spine
This update for cacti, cacti-spine fixes the following issues:
cacti-spine 1.2.26:
- Fix: Errors when uptime OID is not present
- Fix: MySQL reconnect option is deprecated
- Fix: Spine does not check a host with no poller items
- Fix: Poller may report the wrong number of devices polled
- Feature: Allow users to override the threads setting at the command line
- Feature: Allow spine to run in ping-only mode
cacti 1.2.26:
- CVE-2023-50250: XSS vulnerability when importing a template file (boo#1218380)
- CVE-2023-49084: RCE vulnerability when managing links (boo#1218360)
- CVE-2023-49085: SQL Injection vulnerability when managing poller devices (boo#1218378)
- CVE-2023-49086: XSS vulnerability when adding new devices (boo#1218366)
- CVE-2023-49088: XSS vulnerability when viewing data sources in debug mode (boo#1218379)
- CVE-2023-51448: SQL Injection vulnerability when managing SNMP Notification Receivers (boo#1218381)
- When viewing data sources, an undefined variable error may be seen
- Improvements for Poller Last Run Date
- Attempting to edit a Data Query that does not exist throws warnings and not a GUI error
- Improve PHP 8.1 support when adding devices
- Viewing Data Query Cache can cause errors to be logged
- Preserve option is not properly honoured when removing devices at command line
- Infinite recursion is possible during a database failure
- Monitoring Host CPUs does not always work on Windows endpoints
- Multi select drop down list box not rendered correctly in Chrome and Edge
- Selective Plugin Debugging may not always work as intended
- During upgrades, Plugins may be falsely reported as incompatible
- Plugin management at command line does not work with multiple plugins
- Improve PHP 8.1 support for incrementing only numbers
- Allow the renaming of guest and template accounts
- DS Stats issues warnings when the RRDfile has not been initialized
- When upgrading, missing data source profile can cause errors to be logged
- When deleting a single Data Source, purge historical debug data
- Improvements to form element warnings
- Some interface aliases do not appear correctly
- Aggregate graph does not show other percentiles
- Settings table updates for large values reverted by database repair
- When obtaining graph records, error messages may be recorded
- Unable to change a device's community at command line
- Increase timeout for RRDChecker
- When viewing a graph, option to edit template may lead to incorrect URL
- When upgrading, failures may occur due to missing color table keys
- On installation, allow a more appropriate template to be used as the default
- When data input parameters are allowed to be null, allow null
- CSV Exports may not always output data correctly
- When debugging a graph, long CDEFs can cause undesirable scrolling
- Secondary LDAP server not evaluated when the first one has failed
- When adding a device, using the bulk walk option can make version information appear
- When parsing a Data Query resource, an error can be reported if no direction is specified
- Database reconnection can cause errors to be reported incorrectly
- Fix returned value if $sau is empty
- Add Aruba switch, Aruba controller and HPE iLO templates
- Add OSCX 6x00 templates
Package list
SUSE Package Hub 12
SUSE Package Hub 15 SP5
openSUSE Leap 15.5
References
- E-Mail link for openSUSE-SU-2024:0031-1
- SUSE Security Ratings
- SUSE Bug 1218360
- SUSE Bug 1218366
- SUSE Bug 1218378
- SUSE Bug 1218379
- SUSE Bug 1218380
- SUSE Bug 1218381
- SUSE CVE CVE-2023-49084 page
- SUSE CVE CVE-2023-49085 page
- SUSE CVE CVE-2023-49086 page
- SUSE CVE CVE-2023-49088 page
- SUSE CVE CVE-2023-50250 page
- SUSE CVE CVE-2023-51448 page
Description
Cacti is a robust performance and fault management framework and a frontend to RRDTool, a Time Series Database (TSDB). By chaining the detected SQL injection with insufficient validation of the include file path, it is possible to execute arbitrary code on the server. Exploitation of the vulnerability is possible for an authorized user. The vulnerable component is `link.php`. The impact of the vulnerability is execution of arbitrary code on the server.
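The entry above describes an include path that is not checked tightly enough. The following is an added example (it is not Cacti's code and does not reproduce the `link.php` logic) of the defensive pattern that closes this class of bug: resolve a user-supplied page name only against an allow-list, canonicalise with `realpath`, and require the result to stay under a fixed base directory. The function name `resolve_include`, the allow-list contents and the temporary directory are constructed for the demonstration.

```php
<?php
// Added example, not Cacti's code. Resolve a user-supplied page name to a file
// inside a fixed directory so that an include statement cannot be steered
// elsewhere. Returns the canonical path or null when the request is refused.
function resolve_include(string $page, string $base_dir, array $allowed): ?string
{
    // 1. Exact allow-list match: no separators, no "..", no extension games.
    if (!in_array($page, $allowed, true)) {
        return null;
    }

    // 2. Canonicalise both sides; realpath() also fails if the file is absent.
    $base = realpath($base_dir);
    $path = realpath($base_dir . DIRECTORY_SEPARATOR . $page . '.php');
    if ($base === false || $path === false) {
        return null;
    }

    // 3. The resolved file must sit strictly below the base directory.
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $path;
}

// Constructed fixture so the example runs stand-alone: a scratch directory with
// one legitimate page file in it.
$base = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'pages_' . getmypid();
mkdir($base, 0700, true);
file_put_contents($base . DIRECTORY_SEPARATOR . 'overview.php', "<?php echo 'overview';\n");

$allowed = ['overview', 'graph_view']; // hypothetical allow-list

var_dump(resolve_include('overview', $base, $allowed));     // canonical path of overview.php
var_dump(resolve_include('graph_view', $base, $allowed));   // null: allowed name, but file absent
var_dump(resolve_include('../../config', $base, $allowed)); // null: refused at the allow-list step

// Clean up the fixture.
unlink($base . DIRECTORY_SEPARATOR . 'overview.php');
rmdir($base);
```

The allow-list check alone would be enough when the list is static; the `realpath` prefix test is kept as a second, independent layer so that a later change to how names are built (for example, reading them from a database) cannot silently reintroduce traversal.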
Affected products
References
- CVE-2023-49084
- SUSE Bug 1218360
Description
Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the `pollers.php` script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is `pollers.php`. The impact of the vulnerability is arbitrary SQL code execution. As of time of publication, a patch does not appear to exist.
Affected products
References
- CVE-2023-49085
- SUSE Bug 1218378
Description
Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). A vulnerability in versions prior to 1.2.27 bypasses an earlier fix for CVE-2023-39360, therefore leading to a DOM XSS attack. Exploitation of the vulnerability is possible for an authorized user. The vulnerable component is the `graphs_new.php`. The impact of the vulnerability is execution of arbitrary JavaScript code in the attacked user's browser. This issue has been patched in version 1.2.27.
Affected products
References
- CVE-2023-49086
- SUSE Bug 1218366
Description
Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in `data_debug.php`. To perform the cross-site scripting attack, the adversary needs to be an authorized cacti user with the following permissions: `General Administration>Sites/Devices/Data`. The victim of this attack could be any account with permissions to view `http://<HOST>/cacti/data_debug.php`. As of time of publication, no complete fix has been included in Cacti.
Affected products
References
- CVE-2023-49088
- SUSE Bug 1218379
Description
Cacti is an open source operational monitoring and fault management framework. A reflected cross-site scripting vulnerability was discovered in version 1.2.25. Attackers can exploit this vulnerability to perform actions on behalf of other users. The vulnerability is found in `templates_import.php`. When uploading an XML template file, if the XML file does not pass the check, the server responds with a JavaScript pop-up prompt that contains the unfiltered XML template file name, resulting in XSS. The resulting ability to impersonate users could lead to unauthorized changes to settings. As of time of publication, no patched versions are available.
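Both this entry (a file name echoed into a JavaScript pop-up) and the CVE-2023-49088 entry above (a data source path shown on hover) are output-encoding failures, in two different contexts. The following is an added example, not Cacti's code, showing the encoding a PHP application needs for each context; the function names `js_alert_for` and `title_attr_for` and the hostile sample strings are constructed for the demonstration.

```php
<?php
// Added example, not Cacti's code. Two output contexts, each with the encoding
// that prevents untrusted text from breaking out of it.

// JavaScript string context. json_encode() with the HEX flags yields a JS string
// literal in which <, >, &, ' and " are emitted as \uXXXX escapes, so the value
// can neither terminate the literal nor close the surrounding <script> element.
// JSON_INVALID_UTF8_SUBSTITUTE keeps json_encode() from returning false on bad
// bytes, which would otherwise silently produce an empty argument.
function js_alert_for(string $message): string
{
    $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
           | JSON_INVALID_UTF8_SUBSTITUTE;
    return '<script>alert(' . json_encode($message, $flags) . ');</script>';
}

// HTML attribute context (a title shown on mouse-over, for instance).
// htmlspecialchars() with ENT_QUOTES escapes both quote styles, so the value
// cannot end the attribute and start a new one.
function title_attr_for(string $text): string
{
    return 'title="' . htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '"';
}

// Constructed inputs that would break out of an unencoded context; they are
// here only to show that the encoding holds.
$filename = "report');alert(1);//</script>.xml";
$path     = '/var/lib/cacti/rra/" onmouseover="alert(1)';

echo js_alert_for('Invalid template file: ' . $filename), "\n";
echo '<span ' . title_attr_for($path) . '>data source</span>', "\n";
```

The rule behind both functions is the same: encode at the point of output, for the exact context the text lands in, rather than trying to filter the input on the way in. A file name that is legitimate on disk may still be unsafe inside a script block.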
Affected products
References
- CVE-2023-50250
- SUSE Bug 1218380
- SUSE Bug 1224231
Description
Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection (SQLi) vulnerability within the SNMP Notification Receivers feature in the file `managers.php`. An authenticated attacker with the "Settings/Utilities" permission can send a crafted HTTP GET request to the endpoint `/cacti/managers.php` with an SQLi payload in the `selected_graphs_array` HTTP GET parameter. As of time of publication, no patched versions exist.
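This entry and the CVE-2023-49085 entry for `pollers.php` above are both cases of request data reaching SQL text. The following is an added example, not Cacti's code and not its database wrapper, of the two steps that prevent that for a parameter such as `selected_graphs_array`: validate the value as a list of integers before anything else happens, then query with one bound placeholder per value. The `graphs` table, the function names and the in-memory SQLite database are constructed for the demonstration.

```php
<?php
// Added example, not Cacti's code. Parse a request parameter that must be a
// list of integer ids, then query with bound parameters only.

// Accepts either a comma-separated string or an array (as PHP delivers
// name[]=... parameters). Throws on anything that is not a plain integer;
// values are rejected, never "cleaned" and passed on.
function parse_id_list($raw, int $max = 500): array
{
    $items = is_array($raw) ? $raw : explode(',', (string) $raw);
    $ids   = [];
    foreach ($items as $item) {
        $item = trim((string) $item);
        if ($item === '' || !ctype_digit($item)) {
            throw new InvalidArgumentException('id list must contain only integers');
        }
        $ids[] = (int) $item;
    }
    if (count($ids) === 0 || count($ids) > $max) {
        throw new InvalidArgumentException('id list is empty or too long');
    }
    return array_values(array_unique($ids));
}

// The ids never touch the SQL text: the statement contains only placeholders
// and each value is bound as an integer.
function fetch_graphs(PDO $db, array $ids): array
{
    $marks = implode(',', array_fill(0, count($ids), '?'));
    $stmt  = $db->prepare("SELECT id, title FROM graphs WHERE id IN ($marks) ORDER BY id");
    foreach ($ids as $i => $id) {
        $stmt->bindValue($i + 1, $id, PDO::PARAM_INT);
    }
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed in-memory database so the example runs stand-alone.
$db = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$db->exec('CREATE TABLE graphs (id INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO graphs VALUES (1,'cpu'), (2,'memory'), (3,'disk')");

// A well-formed list, in both accepted shapes.
print_r(fetch_graphs($db, parse_id_list('3,1')));
print_r(fetch_graphs($db, parse_id_list(['2', '2', '3'])));

// A value that is not an integer list is refused before any SQL is built.
try {
    parse_id_list('1 OR 1=1');
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```

Binding the values is what makes the query safe; the integer validation in front of it is what turns a malformed request into a clean error instead of a database exception, and it is also the check that is easiest to audit in a code review of every script that reads such a parameter.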
Affected products
References
- CVE-2023-51448
- SUSE Bug 1218381