vulnerability
FreeBSD: VID-ED18AA92-E4F4-11E9-B6FA-3085A9A95629 (CVE-2019-16723): cacti -- Authenticated users may bypass authorization checks
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
4 | (AV:N/AC:L/Au:S/C:P/I:N/A:N) | Sep 23, 2019 | Oct 3, 2019 | Jan 22, 2020 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:P/I:N/A:N)
Published
Sep 23, 2019
Added
Oct 3, 2019
Modified
Jan 22, 2020
Description
In Cacti through 1.2.6, authenticated users may bypass authorization checks (for viewing a graph) via a direct graph_json.php request with a modified local_graph_id parameter.
Solution
freebsd-upgrade-package-cacti
References

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.