The 0.8.8e release of Cacti fixed various SQL injections, one of which is assigned CVE-2015-4634: http://www.cacti.net/release_notes_0_8_8e.php Details of CVE-2015-4634 -- SQL injection in graphs.php: http://bugs.cacti.net/view.php?id=2577
Created cacti tracking bugs for this issue: Affects: fedora-21 [bug 1242867] Affects: epel-all [bug 1242868]
as per irc discussion, please note 0.8.8e introduces functionality bugs in the poller, which are addressed in 0.8.8f, to fix this issue and avoid introduction functionality problems a move to 0.8.8f should be considered: http://www.cacti.net/release_notes_0_8_8f.php
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.