CVE-2020-14295

NameCVE-2020-14295
DescriptionA SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead to remote command execution because the product accepts stacked queries.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs963139

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
cacti (PTS)jessie, jessie (lts)0.8.8b+dfsg-8+deb8u10fixed
stretch (security), stretch (lts), stretch0.8.8h+ds1-10+deb9u2fixed
buster1.2.2+ds1-2+deb10u4fixed
buster (security)1.2.2+ds1-2+deb10u6fixed
bullseye1.2.16+ds1-2+deb11u2fixed
bullseye (security)1.2.16+ds1-2+deb11u3fixed
bookworm1.2.24+ds1-1+deb12u1fixed
bookworm (security)1.2.24+ds1-1+deb12u2fixed
sid, trixie1.2.26+ds1-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
cactisourcewheezy(unfixed)end-of-life
cactisourcejessie(not affected)
cactisourcestretch(not affected)
cactisourcebuster(not affected)
cactisource(unstable)1.2.13+ds1-1963139

Notes

[buster] - cacti <not-affected> (Vulnerability introduced later)
[stretch] - cacti <not-affected> (Vulnerability introduced later)
[jessie] - cacti <not-affected> (Vulnerability introduced later)
https://github.com/Cacti/cacti/issues/3622
Fixed by: https://github.com/Cacti/cacti/commit/cc1a656f37b08c0c45667c119a44a3751271ac6e
Introduced with the fix for https://github.com/Cacti/cacti/issues/2839
Introduced by: https://github.com/Cacti/cacti/commit/b87747c38ba58e8cf6507d4f1f8476d1df567556 (1.2.6)

Search for package or bug name: Reporting problems