Bug 2237595 (CVE-2023-39361)

Summary: CVE-2023-39361 cacti: Unauthenticated SQL Injection when viewing graphs
Product: [Other] Security Response Reporter: Avinash Hanwate <ahanwate>
Component: vulnerabilityAssignee: Product Security <prodsec-ir-bot>
Status: NEW --- QA Contact:
Severity: urgent Docs Contact:
Priority: urgent    
Version: unspecifiedKeywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2237596, 2237597    
Bug Blocks:    

Description Avinash Hanwate 2023-09-06 05:11:46 UTC 
Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graph_view.php. Since guest users can access graph_view.php without authentication by default, if guest users are being utilized in an enabled state, there could be the potential for significant damage. Attackers may exploit this vulnerability, and there may be possibilities for actions such as the usurpation of administrative privileges or remote code execution. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.

https://github.com/Cacti/cacti/security/advisories/GHSA-6r43-q2fw-5wrg
Comment 1 Avinash Hanwate 2023-09-06 05:12:08 UTC 
Created cacti tracking bugs for this issue:

Affects: epel-all [bug 2237596]
Affects: fedora-all [bug 2237597]