VDB
CVE-2023-39361
CVE-2023-39361
PUBLISHED
In Cacti existieren mehrere Schwachstellen. Diese sind auf mehrere Fehler hinsichtlich von Überprüfung von Benutzereingaben sowie auf fehlerhafte Standartberechtigungen zurückzuführen. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Dateien zu manipulieren oder einen Cross-Site-Scripting-Angriff durchzuführen. Die Ausnutzung einiger dieser Schwachstellen erfordert eine Anmeldung oder eine Nutzerinteraktion.
EPSS 92.28% · 99.7th percentile
Risk Scores
EPSS Score
92.28%
99.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gentoo | Gentoo Linux | |
| Ubuntu | Ubuntu Linux | |
| Debian | Debian Linux | |
| Open Source | Open Source Cacti <1.2.25 | |
| Open Source | Open Source Cacti <1.30 | |
| Amazon | Amazon Linux 2 | |
| Fedora | Fedora Linux |
Timeline
- CVE Published
- Sep 6, 2023 EPSS Score
- Sep 6, 2023 Nuclei Template
- Sep 6, 2023 Fix Commit
- Sep 7, 2023 EPSS Score
- Oct 13, 2023 EPSS Score
- Nov 9, 2023 EPSS Score
- Nov 18, 2023 EPSS Score
- Dec 13, 2023 EPSS Score
- Jan 15, 2024 EPSS Score
- Feb 7, 2024 EPSS Score
- Feb 8, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2275.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2275 advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-gx8c-xvjh-9qh4 advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-6r43-q2fw-5wrg advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-6jhp-mgqg-fhqg advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-4pjv-rmrp-r59x advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-gj95-7xr8-9p7g advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-q4wh-3f9w-836h advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-g6ff-58cj-x3cp advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-v5w7-hww7-2f22 advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-rwhh-xxm6-vcrv advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-24w4-4hp2-3j8h advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-vqcc-5v63-g9q7 advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-9fj7-8f2j-2rw2 advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-6hrc-2cfc-8hm7 advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-r8qq-88g3-hmgv advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-rf5w-pq3f-9876 advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-77rf-774j-6h3p advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-bcf6c3bf53 advisory
…and 13 more