This script is Copyright (C) 2015 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
cacti was updated to 0.8.8d to fix multiple security issues and bugs.
The following vulnerabilities were fixed :
- SQL injection VN: JVN#78187936 / TN:JPCERT#98968540
- Cacti Cross-Site Scripting Vulnerability Notification
- SQL Injection and Location header injection from cdef id
- SQL injection in graph templates
Also contains bug fixes in the upstream 0.8.8d release.
See also :
Update the affected cacti package.
Risk factor :
High / CVSS Base Score : 7.5