CVE-2023-39515

Name of the Vulnerable Software and Affected Versions Cacti versions prior to 1.2.25

Description The issue exists due to inadequate protection of the web page structure in the data debug.php script of the Cacti network monitoring tool. This allows a remote attacker to conduct cross-site scripting attacks. An authenticated user can poison data stored in Cacti's database, which will be viewed by administrative accounts and execute JavaScript code in the victim's browser. The vulnerability can be exploited by configuring a malicious data-source path, which can be done by a user with General Administration>Sites/Devices/Data permissions through the http:///cacti/data sources.php endpoint. The data debug.php script displays data source related debugging information.

Recommendations For versions prior to 1.2.25, upgrade to version 1.2.25 or later to resolve the issue. As a temporary workaround for users unable to update, manually filter HTML output to minimize the risk of exploitation. Restrict access to the data debug.php script and the http://<HOST>/cacti/data sources.php endpoint to minimize the risk of exploitation. Consider disabling the configuration of data source paths for users with General Administration>Sites/Devices/Data permissions until the issue is resolved.