vulnerability

FreeBSD: VID-86224a04-26de-11ea-97f2-001a8c5c04b6 (CVE-2019-17357): cacti -- multiple vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:P/I:N/A:N)	Jan 6, 2020	Jan 7, 2020	Dec 10, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:N/A:N)

Published

Jan 6, 2020

Added

Jan 7, 2020

Modified

Dec 10, 2025

Description

The cacti developers reports: When viewing graphs, some input variables are not properly checked (SQL injection possible). Multiple instances of lib/functions.php are affected by unsafe deserialization of user-controlled data to populate arrays. An authenticated attacker could use this to influence object data values and control actions taken by Cacti or potentially cause memory corruption in the PHP module.

Solution

freebsd-upgrade-package-cacti

References

CVE-2019-17357
https://attackerkb.com/topics/CVE-2019-17357
CWE-89

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today