|
Bugzilla – Full Text Bug Listing |
| Summary: | VUL-0: CVE-2023-37543: cacti: Insecure direct object reference via a modified local_graph_id parameter to graph_xport.php | ||
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | Robert Frohl <rfrohl> |
| Component: | Incidents | Assignee: | Andreas Stieger <Andreas.Stieger> |
| Status: | RESOLVED FIXED | QA Contact: | Security Team bot <security-team> |
| Severity: | Normal | ||
| Priority: | P3 - Medium | ||
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| URL: | https://smash.suse.de/issue/374978/ | ||
| Whiteboard: | |||
| Found By: | Security Response Team | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
|
Description
Robert Frohl
2023-08-11 06:58:43 UTC
The report is a bit strange, I assume that the next version might contain the fix (1.2.25) Still open for Factory and Backports The older CVE-2019-16723 was fixed in 1.2.7 in https://github.com/Cacti/cacti/issues/2964 with > -security#2964: CVE-2019-16723 Security issue allows to view all graphs So someone seems to have made a typo. Let's assume that it affects <= 1.2.24 (the current release) and is fixed in the next version, probably 1.2.25. There is already content there: > -SECURITY#5318: Multiple minor stored XSS vulnerabilities in Cacti 1.2.24 > -SECURITY#5348: Unchecked Regular expressions can lead to privilege escalation and data leakage > -SECURITY: Protect against certain SQL Injection attacks > -SECURITY: Protect against certain command level injections in snmp functions > -SECURITY: Protect against SQL Injection in graphs.php > -SECURITY: Protect against SQL Injection in reports_user.php > -SECURITY: Protext against Reflected XSS in graphs_new.php This seems to have been fixed with the update to 1.2.25 issued for the child bugs of bug 1215024 |