{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T23:37:23.648","vulnerabilities":[{"cve":{"id":"CVE-2023-39364","sourceIdentifier":"security-advisories@github.com","published":"2023-09-05T22:15:08.910","lastModified":"2024-11-21T08:15:14.870","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, users with console access can be redirected to an arbitrary website after a change password performed via a specifically crafted URL. The `auth_changepassword.php` file accepts `ref` as a URL parameter and reflects it in the form used to perform the change password. It's value is used to perform a redirect via `header` PHP function. A user can be tricked in performing the change password operation, e.g., via a phishing message, and then interacting with the malicious website where the redirection has been performed, e.g., downloading malwares, providing credentials, etc. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability."},{"lang":"es","value":"Cacti es un framework de gestión de fallas y monitoreo operativo de código abierto. En Cacti 1.2.24, los usuarios con acceso a la consola pueden ser redirigidos a un sitio web arbitrario después de realizar un cambio de contraseña a través de una URL específicamente manipulada. El archivo `auth_changepassword.php` acepta `ref` como parámetro de URL y lo refleja en el formulario utilizado para realizar el cambio de contraseña. Su valor se utiliza para realizar una redirección a través de la función PHP \"header\". Se puede engañar a un usuario para que realice la operación de cambio de contraseña, por ejemplo, mediante un mensaje de phishing, y luego interactúe con el sitio web malicioso donde se realizó la redirección, por ejemplo, descargando malware, proporcionando credenciales, etc. Este problema se ha solucionado en la versión 1.2.25. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N","baseScore":3.5,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:1.2.24:*:*:*:*:*:*:*","matchCriteriaId":"F28D6ED7-B38C-4E5F-B623-73D0FF93C720"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*","matchCriteriaId":"E30D0E6F-4AE8-4284-8716-991DFA48CC5D"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*","matchCriteriaId":"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"}]}]}],"references":[{"url":"https://github.com/Cacti/cacti/security/advisories/GHSA-4pjv-rmrp-r59x","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html","source":"security-advisories@github.com"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/","source":"security-advisories@github.com","tags":["Mailing List"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/","source":"security-advisories@github.com"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/","source":"security-advisories@github.com","tags":["Mailing List"]},{"url":"https://www.debian.org/security/2023/dsa-5550","source":"security-advisories@github.com"},{"url":"https://github.com/Cacti/cacti/security/advisories/GHSA-4pjv-rmrp-r59x","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Vendor Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]},{"url":"https://www.debian.org/security/2023/dsa-5550","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}