Bug 1915042 (CVE-2020-35701)

Summary:	CVE-2020-35701 cacti: SQL injection vulnerability in data_debug.php
Product:	[Other] Security Response	Reporter:	Pedro Sampaio <psampaio>
Component:	vulnerability	Assignee:	Red Hat Product Security <security-response-team>
Status:	CLOSED UPSTREAM	QA Contact:
Severity:	urgent	Docs Contact:
Priority:	urgent
Version:	unspecified	CC:	imlinux+fedora, marc.w.hagen, mstevens
Target Milestone:	---	Keywords:	Security
Target Release:	---
Hardware:	All
OS:	Linux
Whiteboard:
Fixed In Version:		Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2021-01-12 00:27:40 UTC	Type:	---
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:
Bug Depends On:	1915043, 1915044
Bug Blocks:

Description Pedro Sampaio 2021-01-11 20:07:28 UTC

An issue was discovered in Cacti 1.2.x through 1.2.16. A SQL injection vulnerability in data_debug.php allows remote authenticated attackers to execute arbitrary SQL commands via the site_id parameter. This can lead to remote code execution.

https://asaf.me/2020/12/15/cacti-1-2-0-to-1-2-16-sql-injection/
https://github.com/Cacti/cacti/issues/4022

Comment 1 Pedro Sampaio 2021-01-11 20:08:04 UTC

Created cacti tracking bugs for this issue:

Affects: epel-all [bug 1915044]
Affects: fedora-all [bug 1915043]

Comment 2 Product Security DevOps Team 2021-01-12 00:27:40 UTC

This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.