High severity8.8NVD Advisory· Published Apr 13, 2016· Updated Jun 17, 2026
CVE-2016-2313
CVE-2016-2313
Description
auth_login.php in Cacti before 0.8.8g allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*range: <=0.8.8f
- (no CPE)range: <0.8.8g
Patches
Vulnerability mechanics
References
8- bugs.cacti.net/view.phpnvd
- lists.opensuse.org/opensuse-updates/2016-02/msg00077.htmlnvd
- lists.opensuse.org/opensuse-updates/2016-02/msg00078.htmlnvd
- lists.opensuse.org/opensuse-updates/2016-02/msg00080.htmlnvd
- www.cacti.net/release_notes_0_8_8g.phpnvd
- www.securitytracker.com/id/1037745nvd
- security.gentoo.org/glsa/201607-05nvd
- security.gentoo.org/glsa/201711-10nvd
News mentions
0No linked articles in our index yet.