Basic search

K
veracodeVeracode Vulnerability DatabaseVERACODE:24131
HistoryApr 10, 2020 - 12:46 a.m.

OS Command Injection

2020-04-1000:46:59
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

cacti is vulnerable to OS command injection. Multiple command injection flaws were discovered in Cacti. An authenticated user with certain administrative privileges could use these flaws to execute arbitrary commands on the Cacti server with the privileges of the web server user.

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

Related for VERACODE:24131