CVE-2023-39511: Stored Cross-Site-Scripting on reports_admin.php device name in Cacti
First published: Wed Sep 06 2023(Updated: )
Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-time. The script under `reports_admin.php` displays reporting information about graphs, devices, data sources etc. _CENSUS_ found that an adversary that is able to configure a malicious device name, related to a graph attached to a report, can deploy a stored XSS attack against any super user who has privileges of viewing the `reports_admin.php` page, such as administrative accounts. A user that possesses the _General Administration>Sites/Devices/Data_ permissions can configure the device names in _cacti_. This configuration occurs through `http://<HOST>/cacti/host.php`, while the rendered malicious payload is exhibited at `http://<HOST>/cacti/reports_admin.php` when the a graph with the maliciously altered device name is linked to the report. This issue has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to upgrade should manually filter HTML output.
Credit: security-advisories@github.com security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cacti Cacti | <1.2.25 | |
| Fedoraproject Fedora | =37 | |
| Fedoraproject Fedora | =38 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/Cacti/cacti/security/advisories/GHSA-5hpr-4hhc-8q42
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/
Frequently Asked Questions
What is CVE-2023-39511?
CVE-2023-39511 refers to a Stored Cross-Site-Scripting (XSS) vulnerability in Cacti, allowing an authenticated user to manipulate data stored in the Cacti database.
What is the severity of CVE-2023-39511?
The severity of CVE-2023-39511 is medium with a CVSS score of 4.8.
How does CVE-2023-39511 affect Cacti?
CVE-2023-39511 affects Cacti versions up to and excluding 1.2.25, allowing authenticated users to inject malicious scripts into the Cacti database.
How can I fix the CVE-2023-39511 vulnerability?
To fix the CVE-2023-39511 vulnerability, it is recommended to update Cacti to version 1.2.25 or higher.
Where can I find more information about CVE-2023-39511?
You can find more information about CVE-2023-39511 at the following link: [GitHub Advisory](https://github.com/Cacti/cacti/security/advisories/GHSA-5hpr-4hhc-8q42)
- collector/nvd-api
- collector/nvd-index
- agent/weakness
- agent/title
- agent/references
- agent/type
- agent/event
- agent/author
- agent/severity
- agent/first-publish-date
- agent/last-modified-date
- agent/description
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/cacti
- canonical/cacti cacti
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/37
- version/fedoraproject fedora/38