Vulnerability CVE-2016-2313

Vulnerability Name:

CVE-2016-2313 (CCN-110577)

Assigned:

2016-02-10

Published:

2016-02-10

Updated:

2018-10-30

Summary:

auth_login.php in Cacti before 0.8.8g allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database.

CVSS v3 Severity:

8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
7.7 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

6.5 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-264

Vulnerability Consequences:

Bypass Security

References:

Source: CONFIRM
Type: UNKNOWN
http://bugs.cacti.net/view.php?id=2656

Source: MITRE
Type: CNA
CVE-2016-2313

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2016:0437

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2016:0438

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2016:0440

Source: CCN
Type: oss-sec Mailing List, Wed, 10 Feb 2016 11:33:37 -0500 (EST)
Re: CVE Request: cacti: Authentication using web authentication as a user not in the,cacti database allows complete access

Source: CCN
Type: Cacti Web site
Cacti

Source: CONFIRM
Type: Vendor Advisory
http://www.cacti.net/release_notes_0_8_8g.php

Source: SECTRACK
Type: UNKNOWN
1037745

Source: XF
Type: UNKNOWN
cacti-cve20162313-sec-bypass(110577)

Source: GENTOO
Type: UNKNOWN
GLSA-201607-05

Source: GENTOO
Type: UNKNOWN
GLSA-201711-10

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2016-2313

Vulnerable Configuration:

Configuration 1:

cpe:/a:cacti:cacti:*:*:*:*:*:*:*:* (Version <= 0.8.8f)

Configuration 2:

cpe:/o:opensuse:leap:42.1:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:cacti:cacti:0.8.8f:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20162313	V	CVE-2016-2313	2022-06-30
oval:org.opensuse.security:def:112038	P	cacti-0.8.8h-1.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:105593	P	cacti-0.8.8h-1.2 on GA media (Moderate)	2021-10-01
oval:com.ubuntu.precise:def:20162313000	V	CVE-2016-2313 on Ubuntu 12.04 LTS (precise) - medium.	2016-04-13
oval:com.ubuntu.xenial:def:201623130000000	V	CVE-2016-2313 on Ubuntu 16.04 LTS (xenial) - medium.	2016-04-13
oval:com.ubuntu.trusty:def:20162313000	V	CVE-2016-2313 on Ubuntu 14.04 LTS (trusty) - medium.	2016-04-13
oval:com.ubuntu.xenial:def:20162313000	V	CVE-2016-2313 on Ubuntu 16.04 LTS (xenial) - medium.	2016-04-13

BACK