CVE-2024-45598

Cacti is an open source performance and fault management framework. Prior to 1.2.29, an administrator can change the `Poller Standard Error Log Path` parameter in either Installation Step 5 or in Configuration->Settings->Paths tab to a local file inside the server. Then simply going to Logs tab and selecting the name of the local file will show its content on the web UI. This vulnerability is fixed in 1.2.29.
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L
GitHub_MCNA
6 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 24%
VendorProductVersion
cacticacti
𝑥
< 1.2.29
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
cacti
bullseye
vulnerable
bullseye (security)
1.2.16+ds1-2+deb11u5
fixed
bookworm
1.2.24+ds1-1+deb12u5
fixed
bookworm (security)
1.2.24+ds1-1+deb12u5
fixed
sid
1.2.30+ds1-1
fixed
trixie
1.2.30+ds1-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
cacti
plucky
needs-triage
oracular
needs-triage
noble
needs-triage
jammy
needs-triage
focal
needs-triage
bionic
needs-triage
xenial
needs-triage
trusty
needs-triage
Common Weakness Enumeration
References
https://github.com/Cacti/cacti/commit/eca52c6bb3e76c55d66b1040baa6dbf37471a0ae
https://github.com/Cacti/cacti/security/advisories/GHSA-pv2c-97pp-vxwg