Basic search

K
ubuntucveUbuntu.comUB:CVE-2010-2545
HistoryAug 23, 2010 - 12:00 a.m.

CVE-2010-2545

2010-08-2300:00:00
ubuntu.com
ubuntu.com
5

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

48.8%

Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7g,
as used in Red Hat High Performance Computing (HPC) Solution and other
products, allow remote attackers to inject arbitrary web script or HTML via
(1) the name element in an XML template to templates_import.php; and allow
remote authenticated administrators to inject arbitrary web script or HTML
via vectors related to (2) cdef.php, (3) data_input.php, (4)
data_queries.php, (5) data_sources.php, (6) data_templates.php, (7)
gprint_presets.php, (8) graph.php, (9) graphs_new.php, (10) graphs.php,
(11) graph_templates_inputs.php, (12) graph_templates_items.php, (13)
graph_templates.php, (14) graph_view.php, (15) host.php, (16)
host_templates.php, (17) lib/functions.php, (18) lib/html_form.php, (19)
lib/html_form_template.php, (20) lib/html.php, (21) lib/html_tree.php, (22)
lib/rrd.php, (23) rra.php, (24) tree.php, and (25) user_admin.php.

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchcacti< 0.8.7e-2ubuntu0.1UNKNOWN
ubuntu10.10noarchcacti< 0.8.7g-1UNKNOWN
ubuntu11.04noarchcacti< 0.8.7g-1UNKNOWN
ubuntu11.10noarchcacti< 0.8.7g-1UNKNOWN

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

48.8%

Related for UB:CVE-2010-2545