Lucene search
HistorySep 01, 2004 - 4:00 a.m.
CVE-2002-1477
cve-2002-1477
cacti
0.6.8
remote
command execution
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.2 High
AI Score
Confidence
Low
0.029 Low
EPSS
Percentile
90.8%
graphs.php in Cacti before 0.6.8 allows remote authenticated Cacti administrators to execute arbitrary commands via shell metacharacters in the title during edit mode.
Affected configurations
Node
the_cacti_groupcactiMatch0.5
ORthe_cacti_groupcactiMatch0.6
ORthe_cacti_groupcactiMatch0.6.1
ORthe_cacti_groupcactiMatch0.6.2
ORthe_cacti_groupcactiMatch0.6.3
ORthe_cacti_groupcactiMatch0.6.4
ORthe_cacti_groupcactiMatch0.6.5
ORthe_cacti_groupcactiMatch0.6.6
ORthe_cacti_groupcactiMatch0.6.7
ORthe_cacti_groupcactiMatch0.6.8
Related
debiancve
debiancve
CVE-2002-1477
2004-09-01 04:00:00
cvelist
cvelist
CVE-2002-1477
2004-09-01 04:00:00
nvd
nvd
CVE-2002-1477
2003-04-22 04:00:00
osv
osv
cacti - arbitrary code execution
2002-09-10 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-164)
2008-01-17 00:00:00
Debian Security Advisory DSA 164-1 (cacti)
2008-01-17 00:00:00
nessus
nessus
Debian DSA-164-1 : cacti - arbitrary code execution
2004-09-29 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.2 High
AI Score
Confidence
Low
0.029 Low
EPSS
Percentile
90.8%
Related for CVE-2002-1477