Unrated severityNVD Advisory· Published Dec 12, 2019· Updated Aug 5, 2024
CVE-2019-17358
CVE-2019-17358
Description
Cacti through 1.2.7 is affected by multiple instances of lib/functions.php unsafe deserialization of user-controlled data to populate arrays. An authenticated attacker could use this to influence object data values and control actions taken by Cacti or potentially cause memory corruption in the PHP module.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- Cacti/Cactidescription
- Range: <=1.2.7
- osv-coords7 versionspkg:rpm/opensuse/cacti&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/cacti&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/cacti-spine&distro=openSUSE%20Leap%2015.1pkg:rpm/suse/cacti&distro=SUSE%20Package%20Hub%2012pkg:rpm/suse/cacti&distro=SUSE%20Package%20Hub%2015%20SP1pkg:rpm/suse/cacti-spine&distro=SUSE%20Package%20Hub%2012pkg:rpm/suse/cacti-spine&distro=SUSE%20Package%20Hub%2015%20SP1
< 1.2.9-lp151.3.3.1+ 6 more
- (no CPE)range: < 1.2.9-lp151.3.3.1
- (no CPE)range: < 1.2.18-1.2
- (no CPE)range: < 1.2.9-lp151.3.3.1
- (no CPE)range: < 1.2.11-5.1
- (no CPE)range: < 1.2.9-bp151.4.3.1
- (no CPE)range: < 1.2.11-2.1
- (no CPE)range: < 1.2.9-bp151.4.3.1
Patches
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
14- lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.htmlmitrevendor-advisoryx_refsource_SUSE
- security.gentoo.org/glsa/202003-40mitrevendor-advisoryx_refsource_GENTOO
- www.debian.org/security/2020/dsa-4604mitrevendor-advisoryx_refsource_DEBIAN
- bugzilla.suse.com/show_bug.cgimitrex_refsource_MISC
- github.com/Cacti/cacti/blob/79f29cddb5eb05cbaff486cd634285ef1fed9326/lib/functions.phpmitrex_refsource_MISC
- github.com/Cacti/cacti/commit/adf221344359f5b02b8aed43dfb6b33ae5d708c8mitrex_refsource_MISC
- github.com/Cacti/cacti/issues/3026mitrex_refsource_MISC
- lists.debian.org/debian-lts-announce/2019/12/msg00014.htmlmitrex_refsource_MISC
- people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17358.htmlmitrex_refsource_MISC
- seclists.org/bugtraq/2020/Jan/25mitremailing-listx_refsource_BUGTRAQ
- www.darkmatter.ae/xen1thlabs/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.