[Bug 1161297] VUL-0: CVE-2020-7237: cacti: Remote Code Execution (by privileged users) via shell metacharacters in the Performance Boost Debug Log field of poller_automation.php
http://bugzilla.suse.com/show_bug.cgi?id=1161297 http://bugzilla.suse.com/show_bug.cgi?id=1161297#c2 --- Comment #2 from Swamp Workflow Management <swamp@suse.de> --- openSUSE-SU-2020:0272-1: An update that solves 10 vulnerabilities and has two fixes is now available. Category: security (important) Bug References: 1082318,1101024,1101139,1122242,1122243,1122244,1122245,1122535,1158990,1158992,1161297,1163749 CVE References: CVE-2009-4112,CVE-2018-20723,CVE-2018-20724,CVE-2018-20725,CVE-2018-20726,CVE-2019-16723,CVE-2019-17357,CVE-2019-17358,CVE-2020-7106,CVE-2020-7237 Sources used: openSUSE Leap 15.1 (src): cacti-1.2.9-lp151.3.3.1, cacti-spine-1.2.9-lp151.3.3.1 -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com