Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2022-48538

Disclosure Date: August 22, 2023 (last updated October 08, 2023)
In Cacti 1.2.19, there is an authentication bypass in the web login functionality because of improper validation in the PHP code: cacti_ldap_auth() allows a zero as the password.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-0730

Disclosure Date: March 03, 2022 (last updated February 23, 2025)
Under certain ldap conditions, Cacti authentication can be bypassed with certain credential types.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0