auth_login.php in Cacti prior to 0.8.8g allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cacti cacti |
||
opensuse leap 42.1 |
||
opensuse opensuse 13.1 |
||
opensuse opensuse 13.2 |