CVE-2023-39361 - OpenCVE

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graph_view.php. Since guest users can access graph_view.php without authentication by default, if guest users are being utilized in an enabled state, there could be the potential for significant damage. Attackers may exploit this vulnerability, and there may be possibilities for actions such as the usurpation of administrative privileges or remote code execution. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Cacti	Cacti
Fedoraproject	Fedora

Configuration 1 [-]

cpe:2.3:a:cacti:cacti:1.2.24:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:fedoraproject:fedora:37:::::::*
	cpe:2.3:o:fedoraproject:fedora:38:::::::*

References

Link	Resource
https://github.com/Cacti/cacti/security/advisories/GHSA-6r43-q2fw-5wrg	Exploit Vendor Advisory
https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/	Mailing List
https://www.debian.org/security/2023/dsa-5550

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-09-05T20:58:00.188Z

Updated: 2023-09-05T20:58:00.188Z

Reserved: 2023-07-28T13:26:46.480Z

Link: CVE-2023-39361

JSON object: View

NVD Information

Status : Modified

Published: 2023-09-05T21:15:46.880

Modified: 2024-03-18T20:15:07.513

Link: CVE-2023-39361

JSON object: View

Redhat Information

No data.

CWE

CWE-89

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-39361", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-07-28T13:26:46.480Z", "datePublished": "2023-09-05T20:58:00.188Z", "dateUpdated": "2023-09-05T20:58:00.188Z"}, "containers": {"cna": {"title": "Unauthenticated SQL Injection in graph_view.php in Cacti", "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "lang": "en", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/Cacti/cacti/security/advisories/GHSA-6r43-q2fw-5wrg", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-6r43-q2fw-5wrg"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/"}, {"url": "https://www.debian.org/security/2023/dsa-5550"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html"}], "affected": [{"vendor": "Cacti", "product": "cacti", "versions": [{"version": "< 1.2.25", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-09-05T20:58:00.188Z"}, "descriptions": [{"lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graph_view.php. Since guest users can access graph_view.php without authentication by default, if guest users are being utilized in an enabled state, there could be the potential for significant damage. Attackers may exploit this vulnerability, and there may be possibilities for actions such as the usurpation of administrative privileges or remote code execution. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability."}], "source": {"advisory": "GHSA-6r43-q2fw-5wrg", "discovery": "UNKNOWN"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cacti:cacti:1.2.24:*:*:*:*:*:*:*", "matchCriteriaId": "F28D6ED7-B38C-4E5F-B623-73D0FF93C720", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graph_view.php. Since guest users can access graph_view.php without authentication by default, if guest users are being utilized in an enabled state, there could be the potential for significant damage. Attackers may exploit this vulnerability, and there may be possibilities for actions such as the usurpation of administrative privileges or remote code execution. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability."}, {"lang": "es", "value": "Cacti es un framework de monitorizaci\u00f3n operativa y gesti\u00f3n de fallos de c\u00f3digo abierto. Las versiones afectadas est\u00e1n sujetas a una inyecci\u00f3n SQL descubierta en graph_view.php. Desde que los usuarios invitados pueden acceder a graph_view.php sin autenticaci\u00f3n por defecto, si los usuarios invitados est\u00e1n siendo utilizados en un estado habilitado, podr\u00edan potencialmente producir da\u00f1os importantes. Los atacantes pueden explotar esta vulnerabilidad, y puede haber posibilidades de acciones tales como la usurpaci\u00f3n de privilegios administrativos o la ejecuci\u00f3n remota de c\u00f3digo. Este problema se ha solucionado en la versi\u00f3n 1.2.25. Se recomienda a los usuarios que actualicen. No se conocen soluciones para esta vulnerabilidad."}], "id": "CVE-2023-39361", "lastModified": "2024-03-18T20:15:07.513", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2023-09-05T21:15:46.880", "references": [{"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-6r43-q2fw-5wrg"}, {"source": "security-advisories@github.com", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html"}, {"source": "security-advisories@github.com", "tags": ["Mailing List"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/"}, {"source": "security-advisories@github.com", "tags": ["Mailing List"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/"}, {"source": "security-advisories@github.com", "url": "https://www.debian.org/security/2023/dsa-5550"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "security-advisories@github.com", "type": "Primary"}]}