Detections
Analytics
Cacti < 0.8.6f Authentication Bypass Vulnerability
high Nessus Plugin ID 18619
Synopsis
The remote web server is running a PHP application that is affected by an authentication bypass vulnerability.Description
The Cacti application running on the remote web server is affected by an authentication bypass vulnerability.Solution
Upgrade to Cacti 0.8.6f or later.See Also
http://www.nessus.org/u?a392bde5
http://www.nessus.org/u?79df242f
Plugin Details
Severity: High
ID: 18619
File Name: cacti_086f.nasl
Version: 1.23
Type: remote
Family: CGI abuses
Published: 7/5/2005
Updated: 4/11/2022
Configuration: Enable thorough checks
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.2
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: cpe:/a:cacti:cacti
Required KB Items: www/cacti
Exploit Available: true
Exploit Ease: No exploit is required
Patch Publication Date: 7/1/2005
Vulnerability Publication Date: 7/2/2005
Reference Information
CVE: CVE-2005-2148, CVE-2005-2149