ALAS-2016-711


Amazon Linux AMI Security Advisory: ALAS-2016-711
Advisory Release Date: 2016-06-03 20:10 Pacific
Severity: Medium
References: CVE-2016-3659 

Issue Overview:

SQL injection vulnerability in graph_view.php in Cacti 0.8.8.g allows remote authenticated users to execute arbitrary SQL commands via the host_group_data parameter. (CVE-2016-3659 )


Affected Packages:

cacti


Issue Correction:
Run yum update cacti to update your system.

New Packages:
noarch:
    cacti-0.8.8h-1.13.amzn1.noarch

src:
    cacti-0.8.8h-1.13.amzn1.src