Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-29894

Cacti provides an operational monitoring and fault management framework. Versions of Cacti prior to 1.2.27 contain a residual cross-site scripting vulnerability caused by an incomplete fix for CVE-2023-50250. `raise_message_javascript` from `lib/functions.php` now uses purify.js to fix CVE-2023-50250 (among others). However, it still generates the code out of unescaped PHP variables `$title` and `$header`. If those variables contain single quotes, they can be used to inject JavaScript code. An attacker exploiting this vulnerability could execute actions on behalf of other users. This ability to impersonate users could lead to unauthorized changes to settings. Version 1.2.27 fixes this issue.

Published

2024-05-14T15:17:14.577

Last Modified

2024-12-18T21:10:38.887

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.4 (MEDIUM)

Weaknesses

Type: Secondary
CWE-79
CWE-116
Type: Primary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	cacti	cacti	< 1.2.27	Yes
Operating System	fedoraproject	fedora	39	Yes

References

https://github.com/Cacti/cacti/security/advisories/GHSA-grj5-8fcj-34gh Exploit, Vendor Advisory ([email protected])
https://github.com/Cacti/cacti/security/advisories/GHSA-xwqc-7jc4-xm73 Exploit, Vendor Advisory ([email protected])
https://lists.fedoraproject.org/archives/list/[email protected]/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/ Product ([email protected])
https://github.com/Cacti/cacti/security/advisories/GHSA-grj5-8fcj-34gh Exploit, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/Cacti/cacti/security/advisories/GHSA-xwqc-7jc4-xm73 Exploit, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/[email protected]/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/ Product (af854a3a-2127-422b-91ae-364da2661108)