Launchpad CVE tracker

CVE 2019-16723

In Cacti through 1.2.6, authenticated users may bypass authorization checks (for viewing a graph) via a direct graph_json.php request with a modified local_graph_id parameter.

Related bugs and status

CVE-2019-16723 (Candidate) is related to these bugs:

Bug #1863739: [focal] cacti needs a merge from 1.2.4+ds1-2ubuntu3 to 1.2.9+ds1-1

Summary				In	Importance	Status
	1863739	[focal] cacti needs a merge from 1.2.4+ds1-2ubuntu3 to 1.2.9+ds1-1		cacti (Ubuntu)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://github.com/Cac...
FEDORA: FEDORA-2019-362f0e9710
FEDORA: FEDORA-2019-6bf27b45b3
BUGTRAQ: 20200120 [SECURITY] [D...
DEBIAN: DSA-4604
SUSE: openSUSE-SU-2020:0272
SUSE: openSUSE-SU-2020:0284
GENTOO: GLSA-202003-40
SUSE: openSUSE-SU-2020:0558
SUSE: openSUSE-SU-2020:0565

Launchpad.net

CVE 2019-16723

Related bugs and status

Related bugs

References