Lucene search

K
ubuntucveUbuntu.comUB:CVE-2015-4454
HistoryJun 17, 2015 - 12:00 a.m.

CVE-2015-4454

2015-06-1700:00:00
ubuntu.com
ubuntu.com
8

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.5%

SQL injection vulnerability in the get_hash_graph_template function in
lib/functions.php in Cacti before 0.8.8d allows remote attackers to execute
arbitrary SQL commands via the graph_template_id parameter to
graph_templates.php.

OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarchcacti< 0.8.8b+dfsg-5ubuntu0.1UNKNOWN
ubuntu14.10noarchcacti< 0.8.8b+dfsg-8+deb8u1build0.14.10.1UNKNOWN
ubuntu15.04noarchcacti< 0.8.8b+dfsg-8+deb8u1build0.15.04.1UNKNOWN

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.5%