CVE-2024-25641
PUBLISHED
Multiple vulnerabilities exist in Cacti. They arise when importing specially crafted packages and from a file inclusion. An authenticated attacker can exploit these vulnerabilities to execute code.
Risk Scores
EPSS Score: 88.19% (99.5th percentile)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Open Source | Open Source Cacti | <1.2.27 |
| SUSE | SUSE openSUSE | |
| Debian | Debian Linux | |
| Fedora | Fedora Linux | |
| Ubuntu | Ubuntu Linux | |
Timeline
- Jan 21, 1970 Security Advisory
- May 12, 2024 CVE Published
- May 14, 2024 EPSS Score
- May 15, 2024 PoC Published
- Jun 12, 2024 PoC Published
- Jun 13, 2024 PoC Published
- Jul 2, 2024 EPSS Score
- Jul 26, 2024 EPSS Score
- Sep 9, 2024 CVE Updated
- Sep 11, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 5, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1095.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1095 advisory
- https://www.cacti.net/info/changelog advisory
- https://github.com/cacti/cacti/security/advisories/GHSA-37x7-mfjv-mm7m advisory
- https://github.com/cacti/cacti/security/advisories/GHSA-7cmj-g5qc-pj88 advisory
- https://github.com/cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv advisory
- https://github.com/cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r advisory
- https://github.com/cacti/cacti/security/advisories/GHSA-grj5-8fcj-34gh advisory
- https://github.com/cacti/cacti/security/advisories/GHSA-jrxg-8wh8-943x advisory
- https://github.com/cacti/cacti/security/advisories/GHSA-p4ch-7hjw-6m87 advisory
- https://github.com/cacti/cacti/security/advisories/GHSA-rqc8-78cm-85j3 advisory
- https://github.com/cacti/cacti/security/advisories/GHSA-vjph-r677-6pcc advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-17176c2215 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-27a594f71d advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-d0445178a9 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-4ea9ddc0f7 advisory
- https://ubuntu.com/security/notices/USN-6969-1 advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TICTDSNKZDF27FVLCXHQWQDX7E7X3TDN/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/JAAOBG657QTBRHKB55GHL2C7553NKG67/ advisory
- https://lists.debian.org/debian-lts-announce/2024/09/msg00027.html advisory