FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

cacti -- Authenticated users may bypass authorization checks

Affected packages
cacti < 1.2.7


VuXML ID ed18aa92-e4f4-11e9-b6fa-3085a9a95629
Discovery 2019-09-23
Entry 2019-10-02

The cacti developers reports:

In Cacti through 1.2.6, authenticated users may bypass authorization checks (for viewing a graph) via a direct graph_json.php request with a modified local_graph_id parameter.


CVE Name CVE-2019-16723