CVE-2023-49088

{"id": "CVE-2023-49088", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 1.7}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 0.9}]}, "published": "2023-12-22T17:15:08.247", "references": [{"url": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php", "tags": ["Exploit", "Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h", "tags": ["Exploit", "Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x", "tags": ["Exploit", "Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html", "source": "security-advisories@github.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}, {"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in `data_debug.php`. To perform the cross-site scripting attack, the adversary needs to be an authorized cacti user with the following permissions: `General Administration>Sites/Devices/Data`. The victim of this attack could be any account with permissions to view `http://<HOST>/cacti/data_debug.php`. As of time of publication, no complete fix has been included in Cacti."}, {"lang": "es", "value": "Cacti es un framework de gesti\u00f3n de fallos y monitoreo operativo de c\u00f3digo abierto. La soluci\u00f3n aplicada para CVE-2023-39515 en la versi\u00f3n 1.2.25 est\u00e1 incompleta, ya que permite que un adversario haga que el navegador de la v\u00edctima ejecute c\u00f3digo malicioso cuando un usuario v\u00edctima pasa el mouse sobre la ruta de la fuente de datos maliciosa en `data_debug.php`. Para realizar el ataque de cross-site scripting, el adversario debe ser un usuario de Cacti autorizado con los siguientes permisos: `General Administration&gt;Sites/Devices/Data`. La v\u00edctima de este ataque podr\u00eda ser cualquier cuenta con permisos para ver `http:///cacti/data_debug.php`. Al momento de la publicaci\u00f3n, no se ha incluido ninguna soluci\u00f3n completa en Cacti."}], "lastModified": "2024-03-18T20:15:08.690", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8", "versionEndExcluding": "1.2.25"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}