vulnerability

Ubuntu: USN-6969-1 (CVE-2024-31443): Cacti vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:N/AC:M/Au:S/C:N/I:N/A:C)	May 14, 2024	Aug 21, 2024	Apr 16, 2026

Severity

CVSS

(AV:N/AC:M/Au:S/C:N/I:N/A:C)

Published

May 14, 2024

Added

Aug 21, 2024

Modified

Apr 16, 2026

Description

Cacti provides an operational monitoring and fault management framework. Prior to 1.2.27, some of the data stored in `form_save()` function in `data_queries.php` is not thoroughly checked and is used to concatenate the HTML statement in `grow_right_pane_tree()` function from `lib/html.php` , finally resulting in cross-site scripting. Version 1.2.27 contains a patch for the issue.

Solutions

ubuntu-pro-upgrade-cactiubuntu-upgrade-cacti

References

CVE-2024-31443
https://attackerkb.com/topics/CVE-2024-31443
CWE-79
EUVD-EUVD-2024-29332
UBUNTU-USN-6969-1
https://euvd.enisa.europa.eu/vulnerability/EUVD-2024-29332

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report