Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

- Update to 0.8.8g Release notes:
    http://www.cacti.net/release_notes_0_8_8g.php

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Various cross-site scripting (XSS) flaws (CVE-2013-5588 , CVE-2014-5025 , CVE-2014-5026) and various SQL injection flaws (CVE-2013-5589 , CVE-2015-4342 , CVE-2015-4634 , CVE-2015-8377 , CVE-2015-8604) were discovered affecting versions of Cacti prior to 0.8.8g.

Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. (CVE-2015-2665)

SQL injection vulnerability in the get_hash_graph_template function in lib/functions.php in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via the graph_template_id parameter to graph_templates.php. (CVE-2015-4454)

According to its self-reported version number, the Cacti application running on the remote web server is prior to version 0.8.8d. It is, therefore, potentially affected by multiple vulnerabilities :

  - A stored cross-site scripting vulnerability exists due     to improper validation of user-supplied input in     graphs.php. A remote attacker can exploit this to inject     arbitrary web script or HTML. (CVE-2015-2665)

  - A SQL injection vulnerability exists due to improper     validation of user-supplied input to the 'cdef'     parameter in cdef.php. A remote attacker can exploit     this to execute arbitrary SQL commands. (CVE-2015-4342)

  - A SQL injection vulnerability exists due to improper     validation of user-supplied input to the     'graph_template_id' parameter in graph_templates.php. A     remote attacker can exploit this to execute arbitrary     SQL commands. (CVE-2015-4454)

Several vulnerabilities (cross-site scripting and SQL injection) have been discovered in Cacti, a web interface for graphing of monitoring systems.

We recommend that you upgrade your cacti packages.

CVE-2015-2665

Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2015-4342

SQL Injection and Location header injection from cdef id

CVE-2015-4454

SQL injection vulnerability in the get_hash_graph_template function in lib/functions.php in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via the graph_template_id parameter to graph_templates.php

Unassigned CVE SQL injection VN:JVN#78187936 / TN:JPCERT#98968540

SQL injection vulnerability in the settings page

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Several vulnerabilities (cross-site scripting and SQL injection) have been discovered in Cacti, a web interface for graphing of monitoring systems.

ID	Name	Product	Family	Severity
90963	Fedora 24 : cacti-0.8.8g-1.fc24 (2016-852a39e085)	Nessus	Fedora Local Security Checks	high
90899	Fedora 22 : cacti-0.8.8g-1.fc22 (2016-4a5ce6a6c0)	Nessus	Fedora Local Security Checks	high
90875	Fedora 23 : cacti-0.8.8g-1.fc23 (2016-a8e2be0fe6)	Nessus	Fedora Local Security Checks	high
90155	Amazon Linux AMI : cacti (ALAS-2016-673)	Nessus	Amazon Linux Local Security Checks	high
84549	Cacti < 0.8.8d Multiple Vulnerabilities	Nessus	CGI abuses	high
84433	Debian DLA-255-1 : cacti security update	Nessus	Debian Local Security Checks	high
84373	Debian DSA-3295-1 : cacti - security update	Nessus	Debian Local Security Checks	high

Detections

Analytics

CVE-2015-2665

medium

Tenable Plugins

high

high

high

high

high

high

high