Back to search
CVE-2019-16723
Published: Sep 23, 2019
Modified: Aug 5, 2024
PUBLISHED
Description
In Cacti through 1.2.6, authenticated users may bypass authorization checks (for viewing a graph) via a direct graph_json.php request with a modified local_graph_id parameter.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://github.com/Cacti/cacti/issues/2964
x_refsource_MISC
FEDORA-2019-6bf27b45b3
vendor-advisory
x_refsource_FEDORA
FEDORA-2019-362f0e9710
vendor-advisory
x_refsource_FEDORA
20200120 [SECURITY] [DSA 4604-1] cacti security update
mailing-list
x_refsource_BUGTRAQ
DSA-4604
vendor-advisory
x_refsource_DEBIAN
openSUSE-SU-2020:0272
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2020:0284
vendor-advisory
x_refsource_SUSE
GLSA-202003-40
vendor-advisory
x_refsource_GENTOO
openSUSE-SU-2020:0558
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2020:0565
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now