Bug 2255601 (CVE-2023-49084)

Summary: CVE-2023-49084 cacti: RCE when managing links
Product: [Other] Security Response
Reporter: TEJ RATHI <trathi>
Component: vulnerability
Assignee: Product Security <prodsec-ir-bot>
Status: NEW
Severity: high
Priority: high
Version: unspecified
Keywords: Security
Hardware: All
OS: Linux
Fixed In Version: cacti 1.2.26
Bug Depends On: 2255602, 2255603

Description TEJ RATHI 2023-12-22 11:15:23 UTC
Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). By using the detected SQL injection together with insufficient processing of the include file path, it is possible to execute arbitrary code on the server. Exploitation of the vulnerability is possible for an authorized user. The vulnerable component is `link.php`. Impact of the vulnerability: execution of arbitrary code on the server.

https://github.com/Cacti/cacti/security/advisories/GHSA-pfh9-gwm6-86vp

Comment 1 TEJ RATHI 2023-12-22 11:15:46 UTC
Created cacti tracking bugs for this issue:

Affects: epel-all [bug 2255603]
Affects: fedora-all [bug 2255602]
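The entry gives the fixed upstream release (cacti 1.2.26) and lists the Fedora and EPEL packages as affected, so the first practical question for an operator is whether a given host is still running a build below that version. The POSIX shell script below is an added example, not part of this Bugzilla entry or of the Cacti project: it reads the installed version from the RPM database (Fedora/EPEL packaging) or, failing that, from Cacti's include/cacti_version file under an assumed install directory (CACTI_DIR, default /usr/share/cacti), and compares it field by field against 1.2.26. The version_lt helper, the CACTI_DIR default and the reliance on that file layout are assumptions of the example, not something the page states.

```shell
#!/bin/sh
# Added example (not from the Bugzilla entry or the Cacti project): report
# whether an installed Cacti predates the release that fixes CVE-2023-49084.
FIXED_VERSION="1.2.26"   # "Fixed In Version" from the bug entry

# version_lt A B: return 0 if dotted version A is numerically lower than B,
# 1 otherwise. Fields are compared left to right as integers, so 1.2.9 sorts
# before 1.2.26 (a plain string compare would get this wrong). Missing fields
# count as 0; a non-numeric suffix such as "26rc1" is truncated to "26", so
# pre-release builds are treated like the final release and need a manual look.
version_lt() {
    a="$1"; b="$2"
    i=1
    while [ "$i" -le 4 ]; do
        # Append a dot so cut always sees a delimiter, even for "1" or "1.2".
        fa=$(printf '%s.' "$a" | cut -d. -f"$i" | sed 's/[^0-9].*$//')
        fb=$(printf '%s.' "$b" | cut -d. -f"$i" | sed 's/[^0-9].*$//')
        fa=${fa:-0}; fb=${fb:-0}
        if [ "$fa" -lt "$fb" ]; then return 0; fi
        if [ "$fa" -gt "$fb" ]; then return 1; fi
        i=$((i + 1))
    done
    return 1   # all four fields equal: not lower
}

# installed_cacti_version: print the installed version string. Tries the RPM
# database first (Fedora/EPEL), then Cacti's include/cacti_version file.
# CACTI_DIR is an assumed install path; override it for other layouts.
CACTI_DIR="${CACTI_DIR:-/usr/share/cacti}"
installed_cacti_version() {
    if command -v rpm >/dev/null 2>&1 && rpm -q cacti >/dev/null 2>&1; then
        rpm -q --qf '%{VERSION}\n' cacti
    elif [ -r "$CACTI_DIR/include/cacti_version" ]; then
        tr -d '[:space:]' < "$CACTI_DIR/include/cacti_version"
        echo
    else
        return 1
    fi
}

# cve_2023_49084_status VERSION: print "vulnerable" if VERSION is below the
# fixed release, "fixed" otherwise.
cve_2023_49084_status() {
    if version_lt "$1" "$FIXED_VERSION"; then
        echo "vulnerable"
    else
        echo "fixed"
    fi
}

# Stand-alone use: report on the local host. Does not exit non-zero when
# Cacti is absent so the script can also be sourced for its functions.
if v=$(installed_cacti_version); then
    echo "cacti $v: $(cve_2023_49084_status "$v") (fixed in $FIXED_VERSION)"
else
    echo "cacti not found via rpm or $CACTI_DIR/include/cacti_version" >&2
fi
```

The comparison is on the upstream version only. A distribution build that backports the fix while keeping an older upstream version string would still be reported as vulnerable here, so for Fedora and EPEL hosts the state recorded in tracking bugs 2255602 and 2255603 is the authoritative answer; this script is a quick triage aid, not a substitute for it.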