Multiple vulnerabilities in Cacti
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2018-20723 CVE-2018-20724 CVE-2018-20725 CVE-2018-20726 |
| CWE-ID | CWE-79 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Cacti Web applications / Other software |
| Vendor | The Cacti Group, Inc. |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Cross-site scripting
EUVDB-ID: #VU36232
Risk: Low
CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-20723
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to read and manipulate data.
A cross-site scripting (XSS) vulnerability exists in color_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Name field for a Color.
MitigationInstall update from vendor's website.
Vulnerable software versionsCacti: 1.0.0 - 1.1.38
External linkshttp://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html
http://github.com/Cacti/cacti/blob/develop/CHANGELOG
http://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d
http://github.com/Cacti/cacti/issues/2215
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Cross-site scripting
EUVDB-ID: #VU36233
Risk: Low
CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-20724
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to read and manipulate data.
A cross-site scripting (XSS) vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors.
MitigationInstall update from vendor's website.
Vulnerable software versionsCacti: 1.0.0 - 1.1.38
External linkshttp://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html
http://github.com/Cacti/cacti/blob/develop/CHANGELOG
http://github.com/Cacti/cacti/commit/1f42478506d83d188f68ce5ff41728a7bd159f53
http://github.com/Cacti/cacti/issues/2212
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Cross-site scripting
EUVDB-ID: #VU36234
Risk: Low
CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-20725
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to read and manipulate data.
A cross-site scripting (XSS) vulnerability exists in graph_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Graph Vertical Label.
MitigationInstall update from vendor's website.
Vulnerable software versionsCacti: 1.0.0 - 1.1.38
External linkshttp://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html
http://github.com/Cacti/cacti/blob/develop/CHANGELOG
http://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d
http://github.com/Cacti/cacti/issues/2214
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Cross-site scripting
EUVDB-ID: #VU36235
Risk: Low
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-20726
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to read and manipulate data.
A cross-site scripting (XSS) vulnerability exists in host.php (via tree.php) in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname field for Devices.
MitigationInstall update from vendor's website.
Vulnerable software versionsCacti: 1.0.0 - 1.1.38
External linkshttp://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html
http://github.com/Cacti/cacti/blob/develop/CHANGELOG
http://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d
http://github.com/Cacti/cacti/issues/2213
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
