CVE-2023-30534
Insecure Deserialization in Cacti
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
Cacti is an open source operational monitoring and fault management framework. There are two instances of insecure deserialization in Cacti version 1.2.24. While a viable gadget chain exists in Cacti’s vendor directory (phpseclib), the necessary gadgets are not included, making them inaccessible and the insecure deserializations not exploitable. Each instance of insecure deserialization is due to using the unserialize function without sanitizing the user input. Cacti has a “safe” deserialization that attempts to sanitize the content and check for specific values before calling unserialize, but it isn’t used in these instances. The vulnerable code lies in graphs_new.php, specifically within the host_new_graphs_save function. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Cacti es un framework de gestión de fallas y monitoreo operativo de código abierto. Hay dos casos de deserialización insegura en la versión 1.2.24 de Cacti. Mientras exista una cadena viable de gadgets en el directorio Cacti’s vendor (phpseclib), los gadgets necesarios no están incluidos, lo que los hace inaccesibles y las deserializaciones inseguras no son explotables. Cada caso de deserialización insegura se debe al uso de la función unserialize sin sanear la entrada del usuario. Cacti tiene una deserialización “segura” que intenta sanitizar el contenido y verificar valores específicos antes de llamar a unserialize, pero no se usa en estos casos.El código vulnerable se encuentra en graphs_new.php, específicamente dentro de la función host_new_graphs_save. Este problema se solucionó en la versión 1.2.25. Se recomienda a los usuarios que actualicen. No se conocen soluciones para esta vulnerabilidad.
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2023-04-12 CVE Reserved
- 2023-09-05 CVE Published
- 2024-09-26 CVE Updated
- 2024-09-26 First Exploit
- 2024-10-19 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-502: Deserialization of Untrusted Data
CAPEC
References (5)
URL | Date | SRC |
---|---|---|
https://github.com/Cacti/cacti/security/advisories/GHSA-77rf-774j-6h3p | 2024-09-26 | |
https://www.fastly.com/blog/cve-2023-30534-insecure-deserialization-in-cacti-prior-to-1-2-25 | 2024-09-26 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Cacti Search vendor "Cacti" | Cacti Search vendor "Cacti" for product "Cacti" | < 1.2.25 Search vendor "Cacti" for product "Cacti" and version " < 1.2.25" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 37 Search vendor "Fedoraproject" for product "Fedora" and version "37" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 38 Search vendor "Fedoraproject" for product "Fedora" and version "38" | - |
Affected
|