Vulnerability Details : CVE-2024-31459
Potential exploit
Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, there is a file inclusion issue in the `lib/plugin.php` file. Combined with SQL injection vulnerabilities, remote code execution can be achieved. The file inclusion issue is in the `api_plugin_hook()` function in the `lib/plugin.php` file, which reads the `plugin_hooks` and `plugin_config` tables in the database. The data read from those tables is used directly to build the file path that is then passed to the file inclusion call, so an attacker who can write to those tables (for example through a SQL injection flaw) controls which file is included. Version 1.2.27 contains a patch for the issue.
Vulnerability category: SQL Injection; Execute code
Products affected by CVE-2024-31459
- cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
- cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2024-31459
- EPSS score: 0.12% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~47% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2024-31459
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H | N/A | N/A | GitHub, Inc. | 2024-05-13
7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 | NIST | 2024-12-18
8.0 | HIGH | CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.3 | 6.0 | GitHub, Inc. | 2024-05-14
CWE ids for CVE-2024-31459
- The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions. Assigned by: security-advisories@github.com (Secondary)
References for CVE-2024-31459
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/ : [SECURITY] Fedora 39 Update: cacti-spine-1.2.27-1.fc39 (package-announce, Fedora Mailing Lists) (Product)
- https://github.com/Cacti/cacti/security/advisories/GHSA-pfh9-gwm6-86vp : RCE vulnerability when managing links (Advisory, Cacti/cacti, GitHub) (Exploit; Vendor Advisory)
- https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r : SQL Injection vulnerability when using tree rules through Automation API (Advisory, Cacti/cacti, GitHub) (Exploit; Vendor Advisory)
- https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv : RCE vulnerability when plugins include files (Advisory, Cacti/cacti, GitHub) (Exploit; Vendor Advisory)