Vulnerability Name: | CVE-2015-8369 (CCN-108904) | ||||||||||||||||||||||||||||||||||||
Assigned: | 2015-12-05 | ||||||||||||||||||||||||||||||||||||
Published: | 2015-12-05 | ||||||||||||||||||||||||||||||||||||
Updated: | 2016-12-07 | ||||||||||||||||||||||||||||||||||||
Summary: | SQL injection vulnerability in include/top_graph_header.php in Cacti 0.8.8f and earlier allows remote attackers to execute arbitrary SQL commands via the rra_id parameter in a properties action to graph.php. | ||||||||||||||||||||||||||||||||||||
CVSS v3 Severity: | 6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) 6.3 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:H/RL:U/RC:R)
| ||||||||||||||||||||||||||||||||||||
CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||||||||||||||||||||||||||||||
Vulnerability Type: | CWE-89 | ||||||||||||||||||||||||||||||||||||
Vulnerability Consequences: | Data Manipulation | ||||||||||||||||||||||||||||||||||||
References: | Source: MISC Type: Exploit http://bugs.cacti.net/view.php?id=2646 Source: MITRE Type: CNA CVE-2015-8369 Source: MISC Type: UNKNOWN http://packetstormsecurity.com/files/134724/Cacti-0.8.8f-SQL-Injection.html Source: CCN Type: Full-Disclosure Mailing List, Sat, 5 Dec 2015 23:25:25 +0800 [CVE-2015-8369] Cacti SQL injection in graph.php Source: FULLDISC Type: Exploit 20151209 [CVE-2015-8369] Cacti SQL injection in graph.php Source: CCN Type: Cacti Website Cacti - The Complete RRDTool-based Graphing Solution Source: DEBIAN Type: UNKNOWN DSA-3423 Source: SECTRACK Type: UNKNOWN 1034497 Source: XF Type: UNKNOWN cacti-graphphp-cve20158369-sql-injection(108904) Source: CCN Type: Packet Storm Security [12-09-2015] Cacti 0.8.8f SQL Injection Source: GENTOO Type: UNKNOWN GLSA-201607-05 Source: CCN Type: WhiteSource Vulnerability Database CVE-2015-8369 | ||||||||||||||||||||||||||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||
Oval Definitions | |||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||
BACK |