Lucene search

[email protected]NVD:CVE-2014-2328

HistoryApr 23, 2014 - 3:55 p.m.

CVE-2014-2328

2014-04-2315:55:03

[email protected]

web.nvd.nist.gov

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

7.1

Confidence

Low

EPSS

0.002

Percentile

61.4%

JSON

lib/graph_export.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors.

Affected configurations

NVD

Node

cacticactiRange0.8.7–0.8.7g

cacticactiRange0.8.8–0.8.8b

Node

fedoraprojectfedoraMatch19

fedoraprojectfedoraMatch20

Node

opensuseopensuseMatch13.1

opensuseopensuseMatch13.2

Node

debiandebian_linuxMatch7.0

References

bugs.cacti.net/view.php?id=2433

lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html

lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html

lists.opensuse.org/opensuse-updates/2015-03/msg00034.html

secunia.com/advisories/59203

svn.cacti.net/viewvc?view=rev&revision=7442

www.debian.org/security/2014/dsa-2970

www.securityfocus.com/archive/1/531588

www.securityfocus.com/bid/66387

bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768

security.gentoo.org/glsa/201509-03

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

7.1

Confidence

Low

EPSS

0.002

Percentile

61.4%

JSON

Related for NVD:CVE-2014-2328

debiancve1 seebug1 cve1 prion1 cvelist1 ubuntucve1 securityvulns4 openvas13 mageia1 fedora4 nessus9 amazon1 osv1 debian3 freebsd1 gentoo1