CVE-2023-39358
Authenticated SQL injection vulnerability in reports_user.php in Cacti
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Cacti is an open source operational monitoring and fault management framework. An authenticated SQL injection vulnerability was discovered which allows authenticated users to perform privilege escalation and remote code execution. The vulnerability resides in the `reports_user.php` file. In `ajax_get_branches`, the `tree_id` parameter is passed to the `reports_get_branch_select` function without any validation. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Cacti es un framework de monitorización operativa y gestión de fallos de código abierto. Se descubrió una vulnerabilidad de inyección SQL autenticada que permite a los usuarios autenticados realizar una escalada de privilegios y la ejecución remota de código. La vulnerabilidad reside en el archivo `reports_user.php`. En `ajax_get_branches` el parámetro `tree_id` pasa por la función `reports_get_branch_select` sin ninguna validación.Este problema se ha solucionado en la versión 1.2.25. Se recomienda a los usuarios que actualicen. No se conocen soluciones para esta vulnerabilidad.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2023-07-28 CVE Reserved
- 2023-09-05 CVE Published
- 2024-09-26 CVE Updated
- 2024-09-26 First Exploit
- 2024-10-07 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CAPEC
References (4)
URL | Date | SRC |
---|---|---|
https://github.com/Cacti/cacti/security/advisories/GHSA-gj95-7xr8-9p7g | 2024-09-26 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Cacti Search vendor "Cacti" | Cacti Search vendor "Cacti" for product "Cacti" | < 1.2.25 Search vendor "Cacti" for product "Cacti" and version " < 1.2.25" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 37 Search vendor "Fedoraproject" for product "Fedora" and version "37" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 38 Search vendor "Fedoraproject" for product "Fedora" and version "38" | - |
Affected
|