CVE-2024-31460 — Vulnetix

CVE-2024-31460 PUBLISHED

In Cacti existieren mehrere Schwachstellen. Hierbei handelt es sich um Probleme bei dem Abrufen von Diagrammen mit der Automatisierungs-API, bei der Verwendung von Baumregeln über die Automatisierungs-API und bei der Verwendung von Formularvorlagen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um SQL-Injection Angriffe durchzuführen.

EPSS 1.69% · 82.6th percentile

Risk Scores

EPSS Score

1.69%

82.6th percentile

Affected Products

Vendor	Product	Versions
Ubuntu	Ubuntu Linux
Debian	Debian Linux
Open Source	Open Source Cacti <1.2.27
SUSE	SUSE openSUSE
Fedora	Fedora Linux

Timeline

Jan 21, 1970 Security Advisory
May 12, 2024 CVE Published
May 14, 2024 EPSS Score
Jun 8, 2024 EPSS Score
Jul 2, 2024 EPSS Score
Aug 19, 2024 EPSS Score
Sep 9, 2024 CVE Updated
Sep 11, 2024 EPSS Score
Oct 4, 2024 Coalition ESS Score
Oct 5, 2024 EPSS Score
Oct 29, 2024 EPSS Score
Dec 17, 2024 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1095.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1095 advisory
https://www.cacti.net/info/changelog advisory
https://github.com/cacti/cacti/security/advisories/GHSA-37x7-mfjv-mm7m advisory
https://github.com/cacti/cacti/security/advisories/GHSA-7cmj-g5qc-pj88 advisory
https://github.com/cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv advisory
https://github.com/cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r advisory
https://github.com/cacti/cacti/security/advisories/GHSA-grj5-8fcj-34gh advisory
https://github.com/cacti/cacti/security/advisories/GHSA-jrxg-8wh8-943x advisory
https://github.com/cacti/cacti/security/advisories/GHSA-p4ch-7hjw-6m87 advisory
https://github.com/cacti/cacti/security/advisories/GHSA-rqc8-78cm-85j3 advisory
https://github.com/cacti/cacti/security/advisories/GHSA-vjph-r677-6pcc advisory
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-17176c2215 advisory
https://bodhi.fedoraproject.org/updates/FEDORA-2024-27a594f71d advisory
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-d0445178a9 advisory
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-4ea9ddc0f7 advisory
https://ubuntu.com/security/notices/USN-6969-1 advisory
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TICTDSNKZDF27FVLCXHQWQDX7E7X3TDN/ advisory
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/JAAOBG657QTBRHKB55GHL2C7553NKG67/ advisory
https://lists.debian.org/debian-lts-announce/2024/09/msg00027.html advisory

Open in Interactive Console →