opensuse-su-2022:0145-1
Vulnerability from csaf_opensuse
Published: 2022-05-24 08:17
Modified: 2022-05-24 08:17
Summary
Security update for cacti, cacti-spine
Notes
Title of the patch
Security update for cacti, cacti-spine
Description of the patch
This update for cacti, cacti-spine fixes the following issues:
cacti-spine was updated to 1.2.20:
* Add support for newer versions of MySQL/MariaDB
* When checking for uptime of device, don't assume a non-response
is always fatal
* Fix description and command truncation issues
* Improve spine performance when only one snmp agent port is in
use
cacti-spine 1.2.19:
* Fix issues with polling loop may skip some datasources
* Fix ping no longer works due to hostname changes
* Fix RRD steps are not always calculated correctly
* Fix unable to build when DES no longer supported
* Fix IPv6 devices are not properly parsed
* Reduce a number of compiler warnings
* Fix compiler warnings due to lack of return in thread_mutex_trylock
* Fix Spine will not look at non-timeticks uptime when sysUpTimeInstance overflows
* Improve performance of Cacti poller on heavily loaded systems
cacti was updated to 1.2.20:
* Security fix for CVE-2022-0730, boo#1196692
Under certain LDAP conditions, Cacti authentication can be
bypassed with certain credential types.
* Security fix: Device, Graph, Graph Template,
and Graph Items may be vulnerable to XSS issues
* Security fix: Lockout policies are not properly applied to LDAP
and Domain Users
* Security fix: When using 'remember me' option, incorrect realm
may be selected
* Security fix: User and Group maintenance are vulnerable to SQL attacks
* Security fix: Color Templates are vulnerable to XSS attack
* Features:
* When creating a Data Source Profile, allow additional choices for Heartbeat
* Change select all options to use Font Awesome icons
* Improve spine performance by storing the total number of system snmp_ports in use
* Prevent Template User Accounts from being Removed
* When managing by users, allow filtering by Realm
* Allow plugins to supply template account names
* When viewing logs, additional message types should be filterable
* When creating a Graph Template Item, allow filtering by Data Template
* Allow language handler to be selected via UI
* Updated Device packages for Synology, Citrix NetScaler, Cisco ASA/Cisco
* Add Advanced Ping Graph Template to initial Installable templates
* Add LDAP Debug Mode option
* Allow Reports to include devices not on a Tree
* Allow Basic Authentication to display custom failure message
* Fix: When replicating data during installation/upgrade,
system may appear to hang
* Fix: Graph Template Items may have duplicated entries
* Fix: Unable to Save Graph Settings
* Fix: Script Server may crash if an OID is missing or unavailable
* Fix: When system-wide polling is disabled,
remote pollers may fail to sync changed settings
* Fix: When updating poller name, duplicate name protection may be overzealous
* Fix: Titles may show 'Missing Datasource' incorrectly
* Fix: Checking for MIB Cache can cause crashes
* Fix: Polling cycles may not always complete as expected
* Fix: When viewing graph data, non-numeric values may appear
* Fix: Utilities view has calculation errors when there are no data sources
* Fix: When editing Reports, drag and drop may not function as intended
* Fix: When data drive is full, viewing a Graph can result in errors
* Various other bug fixes
cacti 1.2.19:
* Further fixes for grave character security protection (boo#1192408)
* Fix Over aggressive escaping causing menu visibility issues on Create Device page
* Add SHA256 and AES256 security levels for SNMP polling
* Import graph template (Preview Only) shows color_id new value as a blank area
* Fix Editing graphs errors due to missing sequence
* Fix When hovering over a Tree Graph, row shows same highlighting as Graph Edit screen
* Fix When RealTime is not active, console errors may appear
* Fix race conditions may occur when multiple RRDtool processes are running
* Fix errors creating graphs from templates
* Fix errors when duplicating reports
* Fix Boost may be blocked by overflowing poller_output table
* Fix Template import may be blocked due to unmet dependency warnings with snmp ports
* Fix Newer MySQL versions may error if committing a transaction when not in one
* Fix SNMP Agent may not find a cache item
* Fix Correct issues running under PHP 8.x
* Fix When polling is disabled, boost may crash and create many arch tables
* Fix When poller runs, memory tables may not always be present
* Fix Timezones may sometimes be incorrectly calculated
* Fix Allow monitoring IPv6 with interface graphs
* Fix When a data source uses a Data Input Method, those without a mapping should be flagged
* Fix When RRDfile is not yet created, errors may appear when displaying the graph
* Fix Cacti missing key indexes that result in Preset pages slowdowns
* Fix Data Sources page shows no name when Data Source has no name cache
* Fix db_update_table function can not alter table from signed to unsigned
* Fix data remains in poller_output table even if it's flushed to rrd files
* Fix Parameter list for lib/database.php:db_connect_real() is not correct in 3 places
* Fix Offset is a reserved word in MariaDB 10.6 affecting Report
* Fix Rendering large trees slowed due to lack of permission caching
* Fix Error on interpretation of snmpUtime, when too big
* Fix Applying right axis formatting creates an error-image
* Fix Unable to Save Graph Settings from the Graphs pages
* Fix Graph Template Cache is nullified too often when Graph Automation is running
* Fix When Adding a Data Query to a Device, no Progress Spinner is shown
* Fix New Browser Breaks Plugins that depend on non UTC date time data
* Fix errors when testing remote poller connectivity
* Fix errors when renaming poller
* Fix Removing spikes by Variance does not appear to be working beyond the first RRA
* Fix LDAP API lacks timeout options leading to bad login experiences
* Add a normal/wrap class for general use
* Limit File Types available for Template Import operations
* Fix Cacti does not provide an option of providing a client side certificate for LDAP/AD authentication
* Support Stronger Encryption Available Starting in Net-SNMP v5.8
* Allow Cacti to use multiple possible LDAP servers
* Add a 15 minute polling/sampling interval
* Provide additional admin email notifications
* Add warnings for undesired changes to plugin hook return values
* When creating a Graph, make testing the Data Sources optional by Template
* Update phpseclib to 2.0.33
* Update jstree.js to 3.3.12
* Improve performance of Cacti poller on heavily loaded systems
* MariaDB recommendations need some tuning for recent updates
Patchnames
openSUSE-2022-145
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for cacti, cacti-spine", "title": "Title of the patch" }, { "category": "description", "text": "This update for cacti, cacti-spine fixes the following issues:\n\ncacti-spine was updated to 1.2.20:\n\n * Add support for newer versions of MySQL/MariaDB\n * When checking for uptime of device, don\u0027t assume a non-response\n is always fatal\n * Fix description and command trunctation issues\n * Improve spine performance when only one snmp agent port is in\n use\n\ncacti-spine 1.2.19:\n\n * Fix 1ssues with polling loop may skip some datasources\n * Fix ping no longer works due to hostname changes\n * Fix RRD steps are not always calculated correctly\n * Fix unable to build when DES no longer supported\n * Fix IPv6 devices are not properly parsed\n * Reduce a number of compiler warnings\n * Fix compiler warnings due to lack of return in thread_mutex_trylock\n * Fix Spine will not look at non-timetics uptime when sysUpTimeInstance overflows\n * Improve performance of Cacti poller on heavily loaded systems\n\ncacti-spine 1.2.20:\n\n * Add support for newer versions of MySQL/MariaDB\n * When checking for uptime of device, don\u0027t assume a non-response\n is always fatal\n * Fix description and command trunctation issues\n * Improve spine performance when only one snmp agent port is in\n use\n\ncacti was updated to 1.2.20:\n\n * Security fix for CVE-2022-0730, boo#1196692\n Under certain ldap conditions, Cacti authentication can be\n bypassed with certain credential types.\n * Security fix: Device, Graph, Graph Template,\n and Graph Items may be vulnerable to XSS issues\n * 
Security fix: Lockout policies are not properly applied to LDAP\n and Domain Users\n * Security fix: When using \u0027remember me\u0027 option, incorrect realm\n may be selected\n * Security fix: User and Group maintenance are vulnerable to SQL attacks\n * Security fix: Color Templates are vulnerable to XSS attack\n * Features:\n * When creating a Data Source Profile, allow additional choices for Heartbeat\n * Change select all options to use Font Awesome icons\n * Improve spine performance by storing the total number of system snmp_ports in use\n * Prevent Template User Accounts from being Removed\n * When managing by users, allow filtering by Realm\n * Allow plugins to supply template account names\n * When viewing logs, additional message types should be filterable\n * When creating a Graph Template Item, allow filtering by Data Template\n * Allow language handler to be selected via UI\n * Updated Device packages for Synology, Citrix NetScaler, Cisco ASA/Cisco\n * Add Advanced Ping Graph Template to initial Installable templates\n * Add LDAP Debug Mode option\n * Allow Reports to include devices not on a Tree\n * Allow Basic Authentication to display custom failure message\n * Fix: When replicating data during installation/upgrade,\n system may appear to hang\n * Fix: Graph Template Items may have duplicated entries\n * Fix: Unable to Save Graph Settings\n * Fix: Script Server may crash if an OID is missing or unavailable\n * Fix: When system-wide polling is disabled,\n remote pollers may fail to sync changed settings\n * Fix: When updating poller name, duplicate name protection may be over zealous\n * Fix: Titles may show \u0027Missing Datasource\u0027 incorectly\n * Fix: Checking for MIB Cache can cause crashes\n * Fix: Polling cycles may not always complete as expected\n * Fix: When viewing graph data, non-numeric values may appear\n * Fix: Utilities view has calculation errors when there are no data sources\n * Fix: When editing Reports, drag and drop may 
not function as intended\n * Fix: When data drive is full, viewing a Graph can result in errors\n * Various other bug fixes\n\ncacti 1.2.19:\n\n * Further fixes for grave character security protection (boo#1192408)\n * Fix Over aggressive escaping causing menu visibility issues on Create Device page\n * Add SHA256 and AES256 security levels for SNMP polling\n * Import graph template(Preview Only) show color_id new value as a blank area\n * Fix Editing graphs errors due to missing sequence\n * Fix 2hen hovering over a Tree Graph, row shows same highlighting as Graph Edit screen\n * Fix 2hen RealTime is not active, console errors may appear\n * Fix race conditions may occur when multiple RRDtool processes are running\n * Fix errors creating graphs from templates\n * Fix errors when duplicating reports\n * Fix Boost may be blocked by overflowing poller_output table\n * Fix Template import may be blocked due to unmet dependency warnings with snmp ports\n * Fix Newer MySQL versions may error if committing a transaction when not in one\n * Fix SNMP Agent may not find a cache item\n * Fix Correct issues running under PHP 8.x\n * Fix When polling is disabled, boost may crash and creates many arch tables\n * Fix When poller runs, memory tables may not always be present\n * Fix Timezones may sometimes be incorrectly calculated\n * Fix Allow monitoring IPv6 with interface graphs\n * Fix When a data source uses a Data Input Method, those without a mapping should be flagged\n * Fix When RRDfile is not yet created, errors may appear when displaying the graph\n * Fix Cacti missing key indexes that result in Preset pages slowdowns\n * Fix Data Sources page shows no name when Data Source has no name cache\n * Fix db_update_table function can not alter table from signed to unsigned\n * Fix data remains in poller_output table even if it\u0027s flushed to rrd files\n * Fix Parameter list for lib/database.php:db_connect_real() is not correct in 3 places\n * Fix Offset is a reserved 
word in MariaDB 10.6 affecting Report\n * Fix Rendering large trees slowed due to lack of permission caching\n * Fix Error on interpretation of snmpUtime, when to big\n * Fix Applying right axis formatting creates an error-image\n * Fix Unable to Save Graph Settings from the Graphs pages\n * Fix Graph Template Cache is nullified too often when Graph Automation is running\n * Fix When Adding a Data Query to a Device, no Progress Spinner is shown\n * Fix New Browser Breaks Plugins that depend on non UTC date time data\n * Fix errors when testing remote poller connectivity\n * Fix errors when renaming poller\n * Fix Removing spikes by Variance does not appear to be working beyond the first RRA\n * Fix LDAP API lacks timeout options leading to bad login experiences\n * Add a normal/wrap class for general use\n * Limit File Types available for Template Import operations\n * Fix Cacti does not provide an option of providing a client side certificate for LDAP/AD authentication\n * Support Stronger Encryption Available Starting in Net-SNMP v5.8\n * Allow Cacti to use multiple possible LDAP servers\n * Add a 15 minute polling/sampling interval\n * Provide additional admin email notifications\n * Add warnings for undesired changes to plugin hook return values\n * When creating a Graph, make testing the Data Sources optional by Template\n * Update phpseclib to 2.0.33\n * Update jstree.js to 3.3.12\n * Improve performance of Cacti poller on heavily loaded systems\n * MariaDB recommendations need some tuning for recent updates\n\n", "title": "Description of the patch" }, { "category": "details", "text": "openSUSE-2022-145", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": 
"https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2022_0145-1.json" }, { "category": "self", "summary": "URL for openSUSE-SU-2022:0145-1", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VZEKTX6LOHELIEEVJYSONO5MX6DZOZIA/" }, { "category": "self", "summary": "E-Mail link for openSUSE-SU-2022:0145-1", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VZEKTX6LOHELIEEVJYSONO5MX6DZOZIA/" }, { "category": "self", "summary": "SUSE Bug 1192408", "url": "https://bugzilla.suse.com/1192408" }, { "category": "self", "summary": "SUSE Bug 1196692", "url": "https://bugzilla.suse.com/1196692" }, { "category": "self", "summary": "SUSE CVE CVE-2022-0730 page", "url": "https://www.suse.com/security/cve/CVE-2022-0730/" } ], "title": "Security update for cacti, cacti-spine", "tracking": { "current_release_date": "2022-05-24T08:17:34Z", "generator": { "date": "2022-05-24T08:17:34Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "openSUSE-SU-2022:0145-1", "initial_release_date": "2022-05-24T08:17:34Z", "revision_history": [ { "date": "2022-05-24T08:17:34Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "cacti-spine-1.2.20-bp153.2.9.1.aarch64", "product": { "name": "cacti-spine-1.2.20-bp153.2.9.1.aarch64", "product_id": "cacti-spine-1.2.20-bp153.2.9.1.aarch64" } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "cacti-spine-1.2.20-bp153.2.9.1.i586", "product": { "name": "cacti-spine-1.2.20-bp153.2.9.1.i586", "product_id": 
"cacti-spine-1.2.20-bp153.2.9.1.i586" } } ], "category": "architecture", "name": "i586" }, { "branches": [ { "category": "product_version", "name": "cacti-1.2.20-bp153.2.9.1.noarch", "product": { "name": "cacti-1.2.20-bp153.2.9.1.noarch", "product_id": "cacti-1.2.20-bp153.2.9.1.noarch" } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "cacti-spine-1.2.20-bp153.2.9.1.ppc64le", "product": { "name": "cacti-spine-1.2.20-bp153.2.9.1.ppc64le", "product_id": "cacti-spine-1.2.20-bp153.2.9.1.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "cacti-spine-1.2.20-bp153.2.9.1.s390x", "product": { "name": "cacti-spine-1.2.20-bp153.2.9.1.s390x", "product_id": "cacti-spine-1.2.20-bp153.2.9.1.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "cacti-spine-1.2.20-bp153.2.9.1.x86_64", "product": { "name": "cacti-spine-1.2.20-bp153.2.9.1.x86_64", "product_id": "cacti-spine-1.2.20-bp153.2.9.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "SUSE Package Hub 12", "product": { "name": "SUSE Package Hub 12", "product_id": "SUSE Package Hub 12", "product_identification_helper": { "cpe": "cpe:/o:suse:packagehub:12" } } }, { "category": "product_name", "name": "SUSE Package Hub 15 SP3", "product": { "name": "SUSE Package Hub 15 SP3", "product_id": "SUSE Package Hub 15 SP3" } }, { "category": "product_name", "name": "openSUSE Leap 15.3", "product": { "name": "openSUSE Leap 15.3", "product_id": "openSUSE Leap 15.3", "product_identification_helper": { "cpe": "cpe:/o:opensuse:leap:15.3" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "cacti-1.2.20-bp153.2.9.1.noarch as 
component of SUSE Package Hub 12", "product_id": "SUSE Package Hub 12:cacti-1.2.20-bp153.2.9.1.noarch" }, "product_reference": "cacti-1.2.20-bp153.2.9.1.noarch", "relates_to_product_reference": "SUSE Package Hub 12" }, { "category": "default_component_of", "full_product_name": { "name": "cacti-spine-1.2.20-bp153.2.9.1.aarch64 as component of SUSE Package Hub 12", "product_id": "SUSE Package Hub 12:cacti-spine-1.2.20-bp153.2.9.1.aarch64" }, "product_reference": "cacti-spine-1.2.20-bp153.2.9.1.aarch64", "relates_to_product_reference": "SUSE Package Hub 12" }, { "category": "default_component_of", "full_product_name": { "name": "cacti-spine-1.2.20-bp153.2.9.1.i586 as component of SUSE Package Hub 12", "product_id": "SUSE Package Hub 12:cacti-spine-1.2.20-bp153.2.9.1.i586" }, "product_reference": "cacti-spine-1.2.20-bp153.2.9.1.i586", "relates_to_product_reference": "SUSE Package Hub 12" }, { "category": "default_component_of", "full_product_name": { "name": "cacti-spine-1.2.20-bp153.2.9.1.ppc64le as component of SUSE Package Hub 12", "product_id": "SUSE Package Hub 12:cacti-spine-1.2.20-bp153.2.9.1.ppc64le" }, "product_reference": "cacti-spine-1.2.20-bp153.2.9.1.ppc64le", "relates_to_product_reference": "SUSE Package Hub 12" }, { "category": "default_component_of", "full_product_name": { "name": "cacti-spine-1.2.20-bp153.2.9.1.s390x as component of SUSE Package Hub 12", "product_id": "SUSE Package Hub 12:cacti-spine-1.2.20-bp153.2.9.1.s390x" }, "product_reference": "cacti-spine-1.2.20-bp153.2.9.1.s390x", "relates_to_product_reference": "SUSE Package Hub 12" }, { "category": "default_component_of", "full_product_name": { "name": "cacti-spine-1.2.20-bp153.2.9.1.x86_64 as component of SUSE Package Hub 12", "product_id": "SUSE Package Hub 12:cacti-spine-1.2.20-bp153.2.9.1.x86_64" }, "product_reference": "cacti-spine-1.2.20-bp153.2.9.1.x86_64", "relates_to_product_reference": "SUSE Package Hub 12" }, { "category": "default_component_of", "full_product_name": { "name": 
"cacti-1.2.20-bp153.2.9.1.noarch as component of SUSE Package Hub 15 SP3", "product_id": "SUSE Package Hub 15 SP3:cacti-1.2.20-bp153.2.9.1.noarch" }, "product_reference": "cacti-1.2.20-bp153.2.9.1.noarch", "relates_to_product_reference": "SUSE Package Hub 15 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "cacti-spine-1.2.20-bp153.2.9.1.aarch64 as component of SUSE Package Hub 15 SP3", "product_id": "SUSE Package Hub 15 SP3:cacti-spine-1.2.20-bp153.2.9.1.aarch64" }, "product_reference": "cacti-spine-1.2.20-bp153.2.9.1.aarch64", "relates_to_product_reference": "SUSE Package Hub 15 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "cacti-spine-1.2.20-bp153.2.9.1.i586 as component of SUSE Package Hub 15 SP3", "product_id": "SUSE Package Hub 15 SP3:cacti-spine-1.2.20-bp153.2.9.1.i586" }, "product_reference": "cacti-spine-1.2.20-bp153.2.9.1.i586", "relates_to_product_reference": "SUSE Package Hub 15 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "cacti-spine-1.2.20-bp153.2.9.1.ppc64le as component of SUSE Package Hub 15 SP3", "product_id": "SUSE Package Hub 15 SP3:cacti-spine-1.2.20-bp153.2.9.1.ppc64le" }, "product_reference": "cacti-spine-1.2.20-bp153.2.9.1.ppc64le", "relates_to_product_reference": "SUSE Package Hub 15 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "cacti-spine-1.2.20-bp153.2.9.1.s390x as component of SUSE Package Hub 15 SP3", "product_id": "SUSE Package Hub 15 SP3:cacti-spine-1.2.20-bp153.2.9.1.s390x" }, "product_reference": "cacti-spine-1.2.20-bp153.2.9.1.s390x", "relates_to_product_reference": "SUSE Package Hub 15 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "cacti-spine-1.2.20-bp153.2.9.1.x86_64 as component of SUSE Package Hub 15 SP3", "product_id": "SUSE Package Hub 15 SP3:cacti-spine-1.2.20-bp153.2.9.1.x86_64" }, "product_reference": "cacti-spine-1.2.20-bp153.2.9.1.x86_64", 
"relates_to_product_reference": "SUSE Package Hub 15 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "cacti-1.2.20-bp153.2.9.1.noarch as component of openSUSE Leap 15.3", "product_id": "openSUSE Leap 15.3:cacti-1.2.20-bp153.2.9.1.noarch" }, "product_reference": "cacti-1.2.20-bp153.2.9.1.noarch", "relates_to_product_reference": "openSUSE Leap 15.3" }, { "category": "default_component_of", "full_product_name": { "name": "cacti-spine-1.2.20-bp153.2.9.1.aarch64 as component of openSUSE Leap 15.3", "product_id": "openSUSE Leap 15.3:cacti-spine-1.2.20-bp153.2.9.1.aarch64" }, "product_reference": "cacti-spine-1.2.20-bp153.2.9.1.aarch64", "relates_to_product_reference": "openSUSE Leap 15.3" }, { "category": "default_component_of", "full_product_name": { "name": "cacti-spine-1.2.20-bp153.2.9.1.i586 as component of openSUSE Leap 15.3", "product_id": "openSUSE Leap 15.3:cacti-spine-1.2.20-bp153.2.9.1.i586" }, "product_reference": "cacti-spine-1.2.20-bp153.2.9.1.i586", "relates_to_product_reference": "openSUSE Leap 15.3" }, { "category": "default_component_of", "full_product_name": { "name": "cacti-spine-1.2.20-bp153.2.9.1.ppc64le as component of openSUSE Leap 15.3", "product_id": "openSUSE Leap 15.3:cacti-spine-1.2.20-bp153.2.9.1.ppc64le" }, "product_reference": "cacti-spine-1.2.20-bp153.2.9.1.ppc64le", "relates_to_product_reference": "openSUSE Leap 15.3" }, { "category": "default_component_of", "full_product_name": { "name": "cacti-spine-1.2.20-bp153.2.9.1.s390x as component of openSUSE Leap 15.3", "product_id": "openSUSE Leap 15.3:cacti-spine-1.2.20-bp153.2.9.1.s390x" }, "product_reference": "cacti-spine-1.2.20-bp153.2.9.1.s390x", "relates_to_product_reference": "openSUSE Leap 15.3" }, { "category": "default_component_of", "full_product_name": { "name": "cacti-spine-1.2.20-bp153.2.9.1.x86_64 as component of openSUSE Leap 15.3", "product_id": "openSUSE Leap 15.3:cacti-spine-1.2.20-bp153.2.9.1.x86_64" }, "product_reference": 
"cacti-spine-1.2.20-bp153.2.9.1.x86_64", "relates_to_product_reference": "openSUSE Leap 15.3" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-0730", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2022-0730" } ], "notes": [ { "category": "general", "text": "Under certain ldap conditions, Cacti authentication can be bypassed with certain credential types.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Package Hub 12:cacti-1.2.20-bp153.2.9.1.noarch", "SUSE Package Hub 12:cacti-spine-1.2.20-bp153.2.9.1.aarch64", "SUSE Package Hub 12:cacti-spine-1.2.20-bp153.2.9.1.i586", "SUSE Package Hub 12:cacti-spine-1.2.20-bp153.2.9.1.ppc64le", "SUSE Package Hub 12:cacti-spine-1.2.20-bp153.2.9.1.s390x", "SUSE Package Hub 12:cacti-spine-1.2.20-bp153.2.9.1.x86_64", "SUSE Package Hub 15 SP3:cacti-1.2.20-bp153.2.9.1.noarch", "SUSE Package Hub 15 SP3:cacti-spine-1.2.20-bp153.2.9.1.aarch64", "SUSE Package Hub 15 SP3:cacti-spine-1.2.20-bp153.2.9.1.i586", "SUSE Package Hub 15 SP3:cacti-spine-1.2.20-bp153.2.9.1.ppc64le", "SUSE Package Hub 15 SP3:cacti-spine-1.2.20-bp153.2.9.1.s390x", "SUSE Package Hub 15 SP3:cacti-spine-1.2.20-bp153.2.9.1.x86_64", "openSUSE Leap 15.3:cacti-1.2.20-bp153.2.9.1.noarch", "openSUSE Leap 15.3:cacti-spine-1.2.20-bp153.2.9.1.aarch64", "openSUSE Leap 15.3:cacti-spine-1.2.20-bp153.2.9.1.i586", "openSUSE Leap 15.3:cacti-spine-1.2.20-bp153.2.9.1.ppc64le", "openSUSE Leap 15.3:cacti-spine-1.2.20-bp153.2.9.1.s390x", "openSUSE Leap 15.3:cacti-spine-1.2.20-bp153.2.9.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2022-0730", "url": "https://www.suse.com/security/cve/CVE-2022-0730" }, { "category": "external", "summary": "SUSE Bug 1196692 for CVE-2022-0730", "url": "https://bugzilla.suse.com/1196692" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper 
patch\".\n", "product_ids": [ "SUSE Package Hub 12:cacti-1.2.20-bp153.2.9.1.noarch", "SUSE Package Hub 12:cacti-spine-1.2.20-bp153.2.9.1.aarch64", "SUSE Package Hub 12:cacti-spine-1.2.20-bp153.2.9.1.i586", "SUSE Package Hub 12:cacti-spine-1.2.20-bp153.2.9.1.ppc64le", "SUSE Package Hub 12:cacti-spine-1.2.20-bp153.2.9.1.s390x", "SUSE Package Hub 12:cacti-spine-1.2.20-bp153.2.9.1.x86_64", "SUSE Package Hub 15 SP3:cacti-1.2.20-bp153.2.9.1.noarch", "SUSE Package Hub 15 SP3:cacti-spine-1.2.20-bp153.2.9.1.aarch64", "SUSE Package Hub 15 SP3:cacti-spine-1.2.20-bp153.2.9.1.i586", "SUSE Package Hub 15 SP3:cacti-spine-1.2.20-bp153.2.9.1.ppc64le", "SUSE Package Hub 15 SP3:cacti-spine-1.2.20-bp153.2.9.1.s390x", "SUSE Package Hub 15 SP3:cacti-spine-1.2.20-bp153.2.9.1.x86_64", "openSUSE Leap 15.3:cacti-1.2.20-bp153.2.9.1.noarch", "openSUSE Leap 15.3:cacti-spine-1.2.20-bp153.2.9.1.aarch64", "openSUSE Leap 15.3:cacti-spine-1.2.20-bp153.2.9.1.i586", "openSUSE Leap 15.3:cacti-spine-1.2.20-bp153.2.9.1.ppc64le", "openSUSE Leap 15.3:cacti-spine-1.2.20-bp153.2.9.1.s390x", "openSUSE Leap 15.3:cacti-spine-1.2.20-bp153.2.9.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Package Hub 12:cacti-1.2.20-bp153.2.9.1.noarch", "SUSE Package Hub 12:cacti-spine-1.2.20-bp153.2.9.1.aarch64", "SUSE Package Hub 12:cacti-spine-1.2.20-bp153.2.9.1.i586", "SUSE Package Hub 12:cacti-spine-1.2.20-bp153.2.9.1.ppc64le", "SUSE Package Hub 12:cacti-spine-1.2.20-bp153.2.9.1.s390x", "SUSE Package Hub 12:cacti-spine-1.2.20-bp153.2.9.1.x86_64", "SUSE Package Hub 15 SP3:cacti-1.2.20-bp153.2.9.1.noarch", "SUSE Package Hub 15 SP3:cacti-spine-1.2.20-bp153.2.9.1.aarch64", "SUSE Package Hub 15 SP3:cacti-spine-1.2.20-bp153.2.9.1.i586", "SUSE Package Hub 15 SP3:cacti-spine-1.2.20-bp153.2.9.1.ppc64le", "SUSE Package Hub 15 SP3:cacti-spine-1.2.20-bp153.2.9.1.s390x", "SUSE Package Hub 15 
SP3:cacti-spine-1.2.20-bp153.2.9.1.x86_64", "openSUSE Leap 15.3:cacti-1.2.20-bp153.2.9.1.noarch", "openSUSE Leap 15.3:cacti-spine-1.2.20-bp153.2.9.1.aarch64", "openSUSE Leap 15.3:cacti-spine-1.2.20-bp153.2.9.1.i586", "openSUSE Leap 15.3:cacti-spine-1.2.20-bp153.2.9.1.ppc64le", "openSUSE Leap 15.3:cacti-spine-1.2.20-bp153.2.9.1.s390x", "openSUSE Leap 15.3:cacti-spine-1.2.20-bp153.2.9.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2022-05-24T08:17:34Z", "details": "critical" } ], "title": "CVE-2022-0730" } ] }