CVE-2023-39359: Authenticated SQL injection vulnerability in graphs.php in Cacti
First published: Tue Sep 05 2023(Updated: )
Cacti is an open source operational monitoring and fault management framework. An authenticated SQL injection vulnerability was discovered which allows authenticated users to perform privilege escalation and remote code execution. The vulnerability resides in the `graphs.php` file. When dealing with the cases of ajax_hosts and ajax_hosts_noany, if the `site_id` parameter is greater than 0, it is directly reflected in the WHERE clause of the SQL statement. This creates an SQL injection vulnerability. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Credit: security-advisories@github.com security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cacti Cacti | <1.2.25 | |
| Fedoraproject Fedora | =37 | |
| Fedoraproject Fedora | =38 | |
| debian/cacti | <=1.2.2+ds1-2+deb10u4<=1.2.2+ds1-2+deb10u5<=1.2.16+ds1-2+deb11u1<=1.2.24+ds1-1 | 1.2.16+ds1-2+deb11u2 1.2.24+ds1-1+deb12u1 1.2.25+ds1-2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/Cacti/cacti/security/advisories/GHSA-q4wh-3f9w-836h
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/
- https://github.com/cacti/cacti/commit/7459ff57abcd97ab8bc7a19de9e308ca62c17d38
- https://security-tracker.debian.org/tracker/CVE-2023-39359
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/
- https://www.debian.org/security/2023/dsa-5550
Frequently Asked Questions
What is the vulnerability ID of the Cacti vulnerability?
The vulnerability ID of the Cacti vulnerability is CVE-2023-39359.
What is Cacti?
Cacti is an open source operational monitoring and fault management framework.
What is the severity of CVE-2023-39359?
The severity of CVE-2023-39359 is high.
How does CVE-2023-39359 affect Cacti?
CVE-2023-39359 allows authenticated users to perform privilege escalation and remote code execution in Cacti.
How can I fix CVE-2023-39359?
To fix CVE-2023-39359, you should update Cacti to version 1.2.26 or later.
- collector/nvd-index
- collector/security-tracker-debian
- collector/nvd-api
- agent/author
- agent/first-publish-date
- agent/softwarecombine
- agent/event
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/references
- agent/title
- agent/tags
- agent/description
- vendor/cacti
- canonical/cacti cacti
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/37
- version/fedoraproject fedora/38
- package-manager/debian