Vendor: Cacti
Product: Cacti
Vulnerable version: 1.2.25
Vulnerability type:
- CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Identifier (ID):
Vulnerability vector:
- Base vulnerability score (CVSSv3.1): CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity (CVSSv3.1): 8.8 (high)
- Base vulnerability score (CVSSv4.0): CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
- Severity (CVSSv4.0): 8.7 (high)
Description:
The vulnerability was identified in Cacti version 1.2.25 and below. It allows arbitrary SQL code to be executed. The vulnerability can be exploited by an authorized user through the vulnerable component pollers.php.
Vulnerability status: Confirmed by vendor
Date of vulnerability detection: 22.12.2023
Recommendations: Update to version 1.2.26 or higher
Additional information: Security Advisory
Researcher: Aleksey Solovev (Positive Technologies)