- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3884-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Bastien Roucariès
September 09, 2024 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : cacti
Version : 1.2.16+ds1-2+deb11u4
CVE ID : CVE-2022-41444 CVE-2024-25641 CVE-2024-31443 CVE-2024-31444
CVE-2024-31445 CVE-2024-31458 CVE-2024-31459 CVE-2024-31460
CVE-2024-34340
Cacti, a web interface for graphing data from monitoring systems, was vulnerable to the following issues.
CVE-2022-41444
A Cross Site Scripting (XSS) vulnerability was found via a crafted
POST request to graphs_new.php.
CVE-2024-25641
An arbitrary file write vulnerability was found, exploitable through
the "Package Import" feature. This vulnerability allowed authenticated
users having the "Import Templates" permission to execute
arbitrary PHP code (RCE) on the web server.
CVE-2024-31443
A Cross Site Scripting (XSS) vulnerability was found via a crafted request
to the data_queries.php file.
CVE-2024-31444
A Cross Site Scripting (XSS) vulnerability was found via a crafted request
to the automation_tree_rules.php file, through the
automation_tree_rules_form_save() function.
CVE-2024-31445
A SQL injection vulnerability was found in the automation_get_new_graphs_sql
function of `api_automation.php`. It allows authenticated users to
perform privilege escalation and remote code execution.
CVE-2024-31458
A SQL injection vulnerability was found in the form_save() function in
the graph_template_inputs.php file.
CVE-2024-31459
A file inclusion issue was found in the 'lib/plugin.php' file. Combined
with the SQL injection vulnerabilities, it can lead to remote code
execution (RCE).
CVE-2024-31460
A SQL injection vulnerability was found in some of the data stored in
the automation_tree_rules.php file.
CVE-2024-34340
A type juggling vulnerability was found in the compat_password_verify function.
The MD5 hash of the user input is compared with the correct password hash
from the database using `$md5 == $hash`.
This is a loose comparison, not the correct strict `===`.
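To make the last point concrete, the following is an added example written for this advisory; it is not Cacti's code. It places the loose comparison next to a hardened form and uses constructed hex strings (not real MD5 digests of any password) to show why `==` on two hash strings is unsafe in PHP: strings that both look like numbers in scientific notation (a leading `0e` followed only by digits) are converted to floats before comparison, and every such string evaluates to zero.

```php
<?php
// Added example, not Cacti's own code. The function names and the sample
// values below are constructed for illustration only.

// Vulnerable pattern named in the advisory: PHP's loose comparison.
// If both operands are numeric strings they are compared as numbers,
// so two different hash strings can still compare equal.
function verify_loose(string $md5, string $hash): bool
{
    return $md5 == $hash;
}

// Hardened form: hash_equals() is type-strict (string vs string, byte by
// byte) and runs in constant time, which also avoids timing leaks that a
// plain === would still have. A bare === fixes the juggling as well.
function verify_strict(string $md5, string $hash): bool
{
    return hash_equals($hash, $md5);
}

// Constructed sample values: both are 32 hex characters, both are valid
// numeric strings of the form 0e<digits>, and both evaluate to float 0.
$stored    = '0e111111111111111111111111111111';
$submitted = '0e999999999999999999999999999999';

var_dump(verify_loose($submitted, $stored));   // bool(true)  -- wrong: strings differ
var_dump(verify_strict($submitted, $stored));  // bool(false) -- correct

// Ordinary, non-numeric hash strings behave the same either way,
// which is why the defect is easy to miss in testing.
$a = 'd41d8cd98f00b204e9800998ecf8427e';
$b = 'e4d909c290d0fb1ca068ffaddf22cbd0';
var_dump(verify_loose($a, $b));   // bool(false)
var_dump(verify_strict($a, $b));  // bool(false)
```

The practical takeaway for anyone maintaining a PHP login path: compare digests with `hash_equals()` (or at minimum `===`), and treat any legacy `==` between a computed hash and a stored hash as a defect regardless of the hash algorithm involved.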
For Debian 11 bullseye, these problems have been fixed in version
1.2.16+ds1-2+deb11u4.
We recommend that you upgrade your cacti packages.
For the detailed security status of cacti please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/cacti
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS