cpe:/a:cacti:cacti:0.8.8f cpe:/o:opensuse:leap:42.1 cpe:/o:opensuse:opensuse:13.1 cpe:/o:opensuse:opensuse:13.2 CVE-2016-2313 2016-04-13T13:59:11.977-04:00 2018-10-30T12:27:35.843-04:00 6.5 NETWORK LOW SINGLE_INSTANCE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2016-04-17T18:36:13.937-04:00 SECTRACK 1037745 GENTOO GLSA-201607-05 GENTOO GLSA-201711-10 CONFIRM http://bugs.cacti.net/view.php?id=2656 CONFIRM http://www.cacti.net/release_notes_0_8_8g.php SUSE openSUSE-SU-2016:0437 SUSE openSUSE-SU-2016:0438 SUSE openSUSE-SU-2016:0440 auth_login.php in Cacti before 0.8.8g allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database.