#VU54527 Session Fixation in Cacti
Vulnerability identifier: #VU54527
Vulnerability risk: Low
CVSSv3.1: 3.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-384
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Cacti
Web applications /
Other software
Vendor: The Cacti Group, Inc.
Description
The vulnerability allows a remote attacker to compromise victim's account.
The vulnerability exists due to software does not always invalidates session identifier after user logs out. A remote attacker can re-use the session ID to gain unauthorized access to the application.
Note, the vulnerability requites that cacti is installed on PHP 5.x.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Cacti: 1.2.0 - 1.2.17
External links
http://github.com/Cacti/cacti/releases/tag/release/1.2.18
http://github.com/Cacti/cacti/pull/4282
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
