VDB
CVE-2023-39366
CVE-2023-39366
PUBLISHED
In Cacti existieren mehrere Schwachstellen. Diese sind auf mehrere Fehler hinsichtlich von Überprüfung von Benutzereingaben sowie auf fehlerhafte Standartberechtigungen zurückzuführen. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Dateien zu manipulieren oder einen Cross-Site-Scripting-Angriff durchzuführen. Die Ausnutzung einiger dieser Schwachstellen erfordert eine Anmeldung oder eine Nutzerinteraktion.
EPSS 0.41% · 61.8th percentile
Risk Scores
EPSS Score
0.41%
61.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fedora | Fedora Linux | |
| Debian | Debian Linux | |
| Open Source | Open Source Cacti <1.2.25 | |
| Open Source | Open Source Cacti <1.30 | |
| Gentoo | Gentoo Linux | |
| Ubuntu | Ubuntu Linux | |
| Amazon | Amazon Linux 2 |
Timeline
- Sep 5, 2023 CVE Published
- Sep 6, 2023 EPSS Score
- Oct 9, 2023 EPSS Score
- Nov 10, 2023 EPSS Score
- Dec 13, 2023 EPSS Score
- Jan 14, 2024 EPSS Score
- Mar 20, 2024 EPSS Score
- Apr 21, 2024 EPSS Score
- May 24, 2024 EPSS Score
- Jun 25, 2024 EPSS Score
- Jul 28, 2024 EPSS Score
- Aug 29, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2275.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2275 advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-gx8c-xvjh-9qh4 advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-6r43-q2fw-5wrg advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-6jhp-mgqg-fhqg advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-4pjv-rmrp-r59x advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-gj95-7xr8-9p7g advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-q4wh-3f9w-836h advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-g6ff-58cj-x3cp advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-v5w7-hww7-2f22 advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-rwhh-xxm6-vcrv advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-24w4-4hp2-3j8h advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-vqcc-5v63-g9q7 advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-9fj7-8f2j-2rw2 advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-6hrc-2cfc-8hm7 advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-r8qq-88g3-hmgv advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-rf5w-pq3f-9876 advisory
- https://github.com/Cacti/cacti/security/advisories/GHSA-77rf-774j-6h3p advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-bcf6c3bf53 advisory
…and 13 more