CVE-2016-2313

Name of the Vulnerable Software and Affected Versions Cacti versions prior to 0.8.8g

Description The issue is related to insufficient access control in the Cacti network monitoring tool. It allows a remote authenticated user to bypass intended access restrictions by logging in as a user not registered in the Cacti database. This can be exploited by an attacker to circumvent existing access limitations.

Recommendations For versions prior to 0.8.8g, update to version 0.8.8g or later to resolve the issue. As a temporary workaround, consider restricting access to the auth login.php module to minimize the risk of exploitation.