OPENSUSE-SU-2023:0025-1

Advisory lineage Upstream: 1 Downstream: 0
Upstream
CVE-2022-46169
Published: 21 Jan 2023, 09:04
Last modified:04 Feb 2026, 04:22

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

21 Jan 2023, 09:04
Published
Vulnerability first disclosed
04 Feb 2026, 04:22
Last Modified
Vulnerability information updated

Description

Security update for cacti, cacti-spine This update for cacti, cacti-spine fixes the following issues: cacti-spine 1.2.23: * Fix unexpected reindexing when using uptime as the reindex method * Spine should prevent the script server from connecting to remote when offline * Improve Script Server Timeout Logging * Add SQL_NO_CACHE to Spine Queries cacti 1.2.23, providing security fixes, feature improvements and bug fixes: * CVE-2022-46169: Unauthenticated Command Injection in Remote Agent (boo#1206185) * Security: Add .htaccess file to scripts folder * When using Single Sign-on Frameworks, revocation was not always detected in callbacks * Fixes to the installer, and compatibility with PHP and MySQL * Performance improvements for certain conditions * Various UI fixes * Bug fixes related to SNMP, RRDtools, and agents

Affected Systems

  • opensusecacti-spine&distro=openSUSE Leap 15.4

    < 1.2.23-bp154.2.6.1

  • opensusecacti&distro=openSUSE Leap 15.4

    < 1.2.23-bp154.2.6.1

  • susecacti-spine&distro=SUSE Package Hub 12

    < 1.2.23-bp154.2.6.1

  • susecacti-spine&distro=SUSE Package Hub 15 SP4

    < 1.2.23-bp154.2.6.1

  • susecacti&distro=SUSE Package Hub 12

    < 1.2.23-bp154.2.6.1

  • susecacti&distro=SUSE Package Hub 15 SP4

    < 1.2.23-bp154.2.6.1

References (3)