Test ID:	1.3.6.1.4.1.25623.1.0.833194
Category:	SuSE Local Security Checks
Title:	openSUSE: Security Advisory for cacti, cacti (openSUSE-SU-2023:0025-1)
Summary:	The remote host is missing an update for the 'cacti, cacti'; package(s) announced via the openSUSE-SU-2023:0025-1 advisory.
Description:	Summary: The remote host is missing an update for the 'cacti, cacti' package(s) announced via the openSUSE-SU-2023:0025-1 advisory. Vulnerability Insight: This update for cacti, cacti-spine fixes the following issues: cacti-spine 1.2.23: * Fix unexpected reindexing when using uptime as the reindex method * Spine should prevent the script server from connecting to remote when offline * Improve Script Server Timeout Logging * Add SQL_NO_CACHE to Spine Queries cacti 1.2.23, providing security fixes, feature improvements and bug fixes: * CVE-2022-46169: Unauthenticated Command Injection in Remote Agent (boo#1206185) * Security: Add .htaccess file to scripts folder * When using Single Sign-on Frameworks, revocation was not always detected in callbacks * Fixes to the installer, and compatibility with PHP and MySQL * Performance improvements for certain conditions * Various UI fixes * Bug fixes related to SNMP, RRDtools, and agents Affected Software/OS: 'cacti, cacti' package(s) on openSUSE Backports SLE-15-SP4. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2022-46169 https://github.com/Cacti/cacti/commit/7f0e16312dd5ce20f93744ef8b9c3b0f1ece2216 https://github.com/Cacti/cacti/commit/a8d59e8fa5f0054aa9c6981b1cbe30ef0e2a0ec9 https://github.com/Cacti/cacti/commit/b43f13ae7f1e6bfe4e8e56a80a7cd867cf2db52b https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf
Copyright	Copyright (C) 2024 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.