Описание
Cacti is an open source operational monitoring and fault management framework. Issues with Cacti Regular Expression validation combined with the external links feature can lead to limited SQL Injections and subsequent data leakage. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | 1.2.26+ds1-1 |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | needs-triage | |
| esm-apps/xenial | needs-triage | |
| esm-infra-legacy/trusty | needs-triage | |
| focal | ignored | end of standard support, was needs-triage |
| jammy | needs-triage |
Показывать по
EPSS
4.6 Medium
CVSS3
Связанные уязвимости
Cacti is an open source operational monitoring and fault management framework. Issues with Cacti Regular Expression validation combined with the external links feature can lead to limited SQL Injections and subsequent data leakage. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Cacti is an open source operational monitoring and fault management fr ...
Уязвимость функции links программного средства мониторинга сети Cacti, позволяющая нарушителю выполнять произвольные SQL-запросы
EPSS
4.6 Medium
CVSS3