Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the `pollers.php` script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the `pollers.php`. Impact of the vulnerability - arbitrary SQL code execution. As of time of publication, a patch does not appear to exist.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-12-22T16:13:13.259Z
Updated: 2023-12-22T16:13:13.259Z
Reserved: 2023-11-21T18:57:30.428Z
Link: CVE-2023-49085
JSON object: View
NVD Information
Status : Modified
Published: 2023-12-22T17:15:07.990
Modified: 2024-06-10T17:16:15.307
Link: CVE-2023-49085
JSON object: View
Redhat Information
No data.
CWE