Cacti Command Injection and XSS Vulnerabilities - 20240516004 (#741)
* SolarWinds Releases Patches for Access Rights Manager vulnerabilities - 20240219001

* Format markdown files

* Format markdown files

* Junos OS RCE Vulnerability - 20240226002

* Format markdown files

* Windows Themes Spoofing Vulnerability - 20240308003

* Format markdown files

* Windows Themes Spoofing Vulnerability - 20240308003 - edited

* Akamai Kubernetes Vulnerability - 20240318002

* Format markdown files

* CISA Releases Multiple Critical Infrastructure Related Advisories - 20240327001

* Format markdown files

* PGAdmin Remote Code Execution Vulnerability - 20240408001

* Format markdown files

* Update 20240408001-PGAdmin-Remote-Code-Execution-Vulnerability.md

Fixing tables

* Format markdown files

* Palo Alto Networks PAN-OS Command Injection Vulnerability added to CISA Known Exploited Catalog - 20240415001

* Format markdown files

* Palo Alto Networks PAN-OS Command Injection Vulnerability added to CISA Known Exploited Catalog - 20240415001

* Format markdown files

* Update 20240415001-PaloAlto-Networks-PAN-OS-Command-Injection-Vulnerability-added-to-CISA-Known-Exploited-Catalog.md

Added older version updates and zero-day notes

* Format markdown files

* Google Chrome Multiple RCE Vulnerabilities - 20240418002

* Format markdown docs

* Remove duplicate 20240415001-PaloAlto

* Update 20240418002-Google-Chrome-Multiple-RCE-Vulnerabilities.md

Reviewed and Approved

* Format markdown docs

* Libreswan Popular VPN Software Vulnerability - 20240419004

* Format markdown docs

* Update 20240419004-Libreswan-Popular-VPN-Software-Vulnerability.md

Fix table

* Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability - 20240422002

* Format markdown docs

* Update 20240422002-Microsoft-Edge-Chromium-based-Security-Feature-Bypass-Vulnerability.md

fix tables

* Windows Kernel Elevation of Privilege Vulnerability - 20240429001

* Format markdown docs

* Update 20240429001-Windows-Kernel-Elevation-of-Privilege-Vulnerability.md

fixing table

* Acrobat Reader Vulnerability - 20240503003

* Format markdown docs

* Google Chrome Arbitrary Code Execution Multiple Vulnerabilities - 20240509001

* Format markdown docs

* Update 20240509001-Google-Chrome-Arbitrary-Code-Execution-Multiple-Vulnerabilities.md

Fix table

* Microsoft Edge (Chromium-based) Spoofing Vulnerability - 20240513003

* Format markdown docs

* Update 20240513003-Microsoft-Edge-Chromium-based-Spoofing-Vulnerability.md

Fix table

* Cacti Command Injection and XSS Vulnerabilities - 20240516004

* Format markdown docs

---------

Co-authored-by: GitHub Actions <actions@github.com>
Co-authored-by: Joshua Hitchen (DGov) <86041569+DGovEnterprise@users.noreply.github.com>
Co-authored-by: LSerki <LSerki@users.noreply.github.com>
Co-authored-by: DGovEnterprise <DGovEnterprise@users.noreply.github.com>
5 people authored May 16, 2024
1 parent fd8b834 commit 3e9ec60
Showing 1 changed file with 24 additions and 0 deletions.
@@ -0,0 +1,24 @@
# Cacti Command Injection and XSS Vulnerabilities - 20240516004

## Overview

Cacti, an operational monitoring and fault management framework, has recently released a crucial security update to address two significant vulnerabilities that could leave systems exposed to malicious attacks.

## What is vulnerable?

| CVE | Severity | CVSS | Product(s) Affected | Summary | Dated |
| ----------------------------------------------------------------- | ------------ | ---- | ----------------------------- | ------- | ----- |
| [CVE-2024-29895](https://nvd.nist.gov/vuln/detail/CVE-2024-29895) | **Critical** | 10 | **versions before 1.3.x DEV** | | |
| [CVE-2024-30268](https://nvd.nist.gov/vuln/detail/CVE-2024-30268) | **Medium** | 6.1 | **versions before 1.3.x DEV** | | |

## Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe (refer [Patch Management](../guidelines/patch-management.md)):

- https://github.com/Cacti/cacti/security/advisories/GHSA-cr28-x256-xf5m
- https://github.com/Cacti/cacti/commit/99633903cad0de5ace636249de16f77e57a3c8fc
- https://github.com/Cacti/cacti/commit/53e8014d1f082034e0646edc6286cde3800c683d
- https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/cmd_realtime.php#L119
- https://github.com/Cacti/cacti/security/advisories/GHSA-9m3v-whmr-pc2q
- https://github.com/Cacti/cacti/commit/a38b9046e9772612fda847b46308f9391a49891e
- https://github.com/Cacti/cacti/blob/08497b8bcc6a6037f7b1aae303ad8f7dfaf7364e/settings.php#L66
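Review bot: The `Summary` and `Dated` columns of the "What is vulnerable?" table are empty for both CVE rows, and the `Product(s) Affected` cells read only `versions before 1.3.x DEV` without naming the product; either fill the columns (a one-line description per CVE, which the title already gives as command injection and XSS, plus the advisory date) and prefix the version with `Cacti`, or drop the two columns so the table does not render blank. The Recommendation sentence is also missing an article ("within the expected timeframe"), and the link list mixes the two GHSA advisories with their fix commits and source lines without saying which belongs to which CVE; grouping each advisory with its commit under the matching CVE would make the patch guidance easier to act on.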
