CVE-2023-39364 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2023-39364 Interim 1 6 2025-02-16T02:07:44Z current 2023-09-06T23:17:13Z 2025-02-16T02:07:44Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2023-39364 Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, users with console access can be redirected to an arbitrary website after a change password performed via a specifically crafted URL. The `auth_changepassword.php` file accepts `ref` as a URL parameter and reflects it in the form used to perform the change password. It's value is used to perform a redirect via `header` PHP function. A user can be tricked in performing the change password operation, e.g., via a phishing message, and then interacting with the malicious website where the redirection has been performed, e.g., downloading malwares, providing credentials, etc. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JFJCU2NOOFCO7XJZOUW2BQ6HWJMHSYSN/ E-Mail link for openSUSE-SU-2023:0275-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Package Hub 12 SUSE Package Hub 15 SP4 SUSE Package Hub 15 SP5 openSUSE Leap 15.4 openSUSE Leap 15.5 openSUSE Tumbleweed cacti-1.2.25-2.1 cacti-1.2.25-35.1 cacti-1.2.25-bp154.2.9.1 cacti-1.2.25-bp155.2.3.1 cacti-spine-1.2.25-29.1 cacti-spine-1.2.25-bp154.2.9.1 cacti-spine-1.2.25-bp155.2.3.1 cacti-1.2.25-35.1 as a component of SUSE Package Hub 12 cacti-spine-1.2.25-29.1 as a component of SUSE Package Hub 12 cacti-1.2.25-bp154.2.9.1 as a component of SUSE Package Hub 15 SP4 cacti-spine-1.2.25-bp154.2.9.1 as a component of SUSE Package Hub 15 SP4 cacti-1.2.25-bp155.2.3.1 as a component of SUSE Package Hub 15 SP5 cacti-spine-1.2.25-bp155.2.3.1 as a component of SUSE Package Hub 15 SP5 cacti-1.2.25-bp154.2.9.1 as a component of openSUSE Leap 15.4 cacti-spine-1.2.25-bp154.2.9.1 as a component of openSUSE Leap 15.4 cacti-1.2.25-bp155.2.3.1 as a component of openSUSE Leap 15.5 cacti-spine-1.2.25-bp155.2.3.1 as a component of openSUSE Leap 15.5 cacti-1.2.25-2.1 as a component of openSUSE Tumbleweed Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, users with console access can be redirected to an arbitrary website after a change password performed via a specifically crafted URL. The `auth_changepassword.php` file accepts `ref` as a URL parameter and reflects it in the form used to perform the change password. It's value is used to perform a redirect via `header` PHP function. A user can be tricked in performing the change password operation, e.g., via a phishing message, and then interacting with the malicious website where the redirection has been performed, e.g., downloading malwares, providing credentials, etc. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability. CVE-2023-39364 SUSE Package Hub 12:cacti-1.2.25-35.1 SUSE Package Hub 12:cacti-spine-1.2.25-29.1 SUSE Package Hub 15 SP4:cacti-1.2.25-bp154.2.9.1 SUSE Package Hub 15 SP4:cacti-spine-1.2.25-bp154.2.9.1 SUSE Package Hub 15 SP5:cacti-1.2.25-bp155.2.3.1 SUSE Package Hub 15 SP5:cacti-spine-1.2.25-bp155.2.3.1 openSUSE Leap 15.4:cacti-1.2.25-bp154.2.9.1 openSUSE Leap 15.4:cacti-spine-1.2.25-bp154.2.9.1 openSUSE Leap 15.5:cacti-1.2.25-bp155.2.3.1 openSUSE Leap 15.5:cacti-spine-1.2.25-bp155.2.3.1 openSUSE Tumbleweed:cacti-1.2.25-2.1 moderate 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N