Multiple vulnerabilities in Cacti
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2018-20723 CVE-2018-20724 CVE-2018-20725 CVE-2018-20726 |
| CWE-ID | CWE-79 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Cacti Web applications / Other software |
| Vendor | The Cacti Group, Inc. |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Cross-site scripting
EUVDB-ID: #VU36232
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-20723
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to read and manipulate data.
A cross-site scripting (XSS) vulnerability exists in color_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Name field for a Color.
MitigationInstall update from vendor's website.
Vulnerable software versionsCacti: 1.0.0 - 1.1.38
CPE2.3- cpe:2.3:a:the_cacti_group:cacti:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.0.2:*:*:*:*:*:*:*
https://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html
https://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html
https://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html
https://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html
https://github.com/Cacti/cacti/blob/develop/CHANGELOG
https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d
https://github.com/Cacti/cacti/issues/2215
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Cross-site scripting
EUVDB-ID: #VU36233
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-20724
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to read and manipulate data.
A cross-site scripting (XSS) vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors.
MitigationInstall update from vendor's website.
Vulnerable software versionsCacti: 1.0.0 - 1.1.38
CPE2.3- cpe:2.3:a:the_cacti_group:cacti:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.0.2:*:*:*:*:*:*:*
https://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html
https://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html
https://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html
https://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html
https://github.com/Cacti/cacti/blob/develop/CHANGELOG
https://github.com/Cacti/cacti/commit/1f42478506d83d188f68ce5ff41728a7bd159f53
https://github.com/Cacti/cacti/issues/2212
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Cross-site scripting
EUVDB-ID: #VU36234
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-20725
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to read and manipulate data.
A cross-site scripting (XSS) vulnerability exists in graph_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Graph Vertical Label.
MitigationInstall update from vendor's website.
Vulnerable software versionsCacti: 1.0.0 - 1.1.38
CPE2.3- cpe:2.3:a:the_cacti_group:cacti:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.0.2:*:*:*:*:*:*:*
https://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html
https://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html
https://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html
https://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html
https://github.com/Cacti/cacti/blob/develop/CHANGELOG
https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d
https://github.com/Cacti/cacti/issues/2214
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Cross-site scripting
EUVDB-ID: #VU36235
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-20726
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to read and manipulate data.
A cross-site scripting (XSS) vulnerability exists in host.php (via tree.php) in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname field for Devices.
MitigationInstall update from vendor's website.
Vulnerable software versionsCacti: 1.0.0 - 1.1.38
CPE2.3- cpe:2.3:a:the_cacti_group:cacti:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:the_cacti_group:cacti:1.0.2:*:*:*:*:*:*:*
https://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html
https://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html
https://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html
https://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html
https://github.com/Cacti/cacti/blob/develop/CHANGELOG
https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d
https://github.com/Cacti/cacti/issues/2213
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
