Security Advisory

CVE-2022-48538

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-08-22 00:00:00

Last updated 2024-10-03 14:17:32

Assigner mitre

State PUBLISHED

Description

In Cacti 1.2.19, there is an authentication bypass in the web login functionality because of improper validation in the PHP code: cacti_ldap_auth() allows a zero as the password.

← Browse all CVEs View on cve.org ↗