Vulnerability Details: CVE-2019-17358
Cacti through 1.2.7 is affected by multiple instances of unsafe deserialization of user-controlled data in lib/functions.php, where the deserialized data is used to populate arrays. An authenticated attacker could use this to influence object data values and control actions taken by Cacti, or potentially cause memory corruption in the PHP module.
Vulnerability category: Memory Corruption
Products affected by CVE-2019-17358
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-17358
- EPSS score: 0.74% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~80% (the proportion of vulnerabilities scored at or below this one)
CVSS scores for CVE-2019-17358
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.5 | MEDIUM | AV:N/AC:L/Au:S/C:N/I:P/A:P | 8.0 | 4.9 | NIST | |
8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H | 2.8 | 5.2 | NIST | |
CWE ids for CVE-2019-17358
- CWE-502 (Deserialization of Untrusted Data): The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid. Assigned by: nvd@nist.gov (Primary)
- CWE-787 (Out-of-bounds Write): The product writes data past the end, or before the beginning, of the intended buffer. Assigned by: nvd@nist.gov (Primary)
References for CVE-2019-17358
- http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html
  [security-announce] openSUSE-SU-2020:0284-1: important: Security update
- https://github.com/Cacti/cacti/blob/79f29cddb5eb05cbaff486cd634285ef1fed9326/lib/functions.php#L3109
  cacti/functions.php at 79f29cddb5eb05cbaff486cd634285ef1fed9326 (Cacti/cacti on GitHub). Tags: Exploit; Third Party Advisory
- https://seclists.org/bugtraq/2020/Jan/25
  Bugtraq: [SECURITY] [DSA 4604-1] cacti security update
- https://github.com/Cacti/cacti/commit/adf221344359f5b02b8aed43dfb6b33ae5d708c8
  Resolving Issue #3026 (Cacti/cacti@adf2213 on GitHub). Tags: Product; Third Party Advisory
- https://lists.debian.org/debian-lts-announce/2019/12/msg00014.html
  [SECURITY] [DLA 2032-1] cacti security update. Tags: Mailing List; Third Party Advisory
- https://bugzilla.suse.com/show_bug.cgi?id=CVE-2019-17358
  Bug 1158992: VUL-0: CVE-2019-17358: cacti: Unsafe deserialization in sanitize_unserialize_selected_items. Tags: Issue Tracking; Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html
  [security-announce] openSUSE-SU-2020:0558-1: important: Security update
- http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html
  [security-announce] openSUSE-SU-2020:0565-1: important: Security update
- https://security.gentoo.org/glsa/202003-40
  Cacti: Multiple vulnerabilities (GLSA 202003-40), Gentoo security
- https://www.debian.org/security/2020/dsa-4604
  Debian Security Information: DSA-4604-1 cacti
- https://www.darkmatter.ae/xen1thlabs/
  Link currently returns 404 Not Found. Tags: Not Applicable
- http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html
  [security-announce] openSUSE-SU-2020:0272-1: important: Security update
- https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17358.html
  CVE-2019-17358 in Ubuntu. Tags: Third Party Advisory
- https://github.com/Cacti/cacti/issues/3026
  When deserializing data, ensure basic sanitization has been performed (Issue #3026, Cacti/cacti on GitHub). Tags: Issue Tracking; Third Party Advisory