VDB
CVE-2024-31459
CVE-2024-31459
PUBLISHED
In Cacti existieren mehrere Schwachstellen. Diese bestehen beim Import von speziell bearbeiteten Packages und aufgrund einer File Inclusion. Ein authentisierter Angreifer kann diese Schwachstellen ausnutzen, um Code zur Ausführung zu bringen.
EPSS 1.84% · 83.3th percentile
Risk Scores
EPSS Score
1.84%
83.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian | Debian Linux | |
| Open Source | Open Source Cacti <1.2.27 | |
| Fedora | Fedora Linux | |
| SUSE | SUSE openSUSE | |
| Ubuntu | Ubuntu Linux |
Timeline
- Jan 21, 1970 Security Advisory
- May 12, 2024 CVE Published
- May 14, 2024 EPSS Score
- May 14, 2024 PoC Published
- Jun 8, 2024 EPSS Score
- Jul 26, 2024 EPSS Score
- Aug 19, 2024 EPSS Score
- Sep 9, 2024 CVE Updated
- Sep 11, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 29, 2024 EPSS Score
- Nov 22, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1095.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1095 advisory
- https://www.cacti.net/info/changelog advisory
- https://github.com/cacti/cacti/security/advisories/GHSA-37x7-mfjv-mm7m advisory
- https://github.com/cacti/cacti/security/advisories/GHSA-7cmj-g5qc-pj88 advisory
- https://github.com/cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv advisory
- https://github.com/cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r advisory
- https://github.com/cacti/cacti/security/advisories/GHSA-grj5-8fcj-34gh advisory
- https://github.com/cacti/cacti/security/advisories/GHSA-jrxg-8wh8-943x advisory
- https://github.com/cacti/cacti/security/advisories/GHSA-p4ch-7hjw-6m87 advisory
- https://github.com/cacti/cacti/security/advisories/GHSA-rqc8-78cm-85j3 advisory
- https://github.com/cacti/cacti/security/advisories/GHSA-vjph-r677-6pcc advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-17176c2215 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-27a594f71d advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-d0445178a9 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-4ea9ddc0f7 advisory
- https://ubuntu.com/security/notices/USN-6969-1 advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TICTDSNKZDF27FVLCXHQWQDX7E7X3TDN/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/JAAOBG657QTBRHKB55GHL2C7553NKG67/ advisory
- https://lists.debian.org/debian-lts-announce/2024/09/msg00027.html advisory