mirror of
https://git.FreeBSD.org/ports.git
synced 2024-10-18 19:49:40 +00:00
security/vuxml: Document net-mgmt/cacti issue
PR: 240999 Reported by: Michael Muenz <m.muenz@gmail.com> Security: CVE-2019-16723
This commit is contained in:
parent
95e26e0441
commit
92b8880414
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=513564
@ -58,6 +58,34 @@ Notes:
|
||||
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
|
||||
-->
|
||||
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
|
||||
<vuln vid="ed18aa92-e4f4-11e9-b6fa-3085a9a95629">
|
||||
<topic>cacti -- Authenticated users may bypass authorization checks</topic>
|
||||
<affects>
|
||||
<package>
|
||||
<name>cacti</name>
|
||||
<range><lt>1.2.7</lt></range>
|
||||
</package>
|
||||
</affects>
|
||||
<description>
|
||||
<body xmlns="http://www.w3.org/1999/xhtml">
|
||||
<p>The cacti developers reports:</p>
|
||||
<blockquote cite="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16723">
|
||||
<p>In Cacti through 1.2.6, authenticated users may bypass authorization checks
|
||||
(for viewing a graph) via a direct graph_json.php request with a modified
|
||||
local_graph_id parameter.</p>
|
||||
</blockquote>
|
||||
</body>
|
||||
</description>
|
||||
<references>
|
||||
<cvename>CVE-2019-16723</cvename>
|
||||
<url>https://github.com/Cacti/cacti/releases/tag/release%2F1.2.7</url>
|
||||
</references>
|
||||
<dates>
|
||||
<discovery>2019-09-23</discovery>
|
||||
<entry>2019-10-02</entry>
|
||||
</dates>
|
||||
</vuln>
|
||||
|
||||
<vuln vid="e917caba-e291-11e9-89f1-152fed202bb7">
|
||||
<topic>Exim -- heap-based buffer overflow in string_vformat leading to RCE</topic>
|
||||
<affects>
|
||||
|
Loading…
Reference in New Issue
Block a user