The remote Debian 12 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5862 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-5862-1                   security@debian.org     https://www.debian.org/security/                     Salvatore Bonaccorso     February 10, 2025                     https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : cacti     CVE ID         : CVE-2024-27082 CVE-2024-43362 CVE-2024-43363 CVE-2024-43364                      CVE-2024-43365 CVE-2024-45598 CVE-2024-54145 CVE-2025-22604                      CVE-2025-24367 CVE-2025-24368     Debian Bug     : 1094574

    Multiple security vulnerabilities have been discovered in Cacti, a web     interface for graphing of monitoring systems, which could result in     cross-site scripting, SQL injection, or command injection.

    For the stable distribution (bookworm), these problems have been fixed in     version 1.2.24+ds1-1+deb12u5.

    We recommend that you upgrade your cacti packages.

    For the detailed security status of cacti please refer to its security     tracker page at:
    https://security-tracker.debian.org/tracker/cacti

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Debian dsa-5862 : cacti - security update

high Nessus Plugin ID 215468

Version 1.5