CVE-2014-5261
Published Aug 22, 2014
Last updated 7 years ago
Overview
- Description
- The graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a font size, related to the rrdtool commandline in lib/rrd.php.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-94
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EAAF93EB-D502-4210-AD60-A01FE14F077E", "versionEndIncluding": "0.8.8b" }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.6e:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E239B64D-6B94-4E77-8245-5293247F09D4" }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "191A8F3B-EDFA-47AA-B7B1-95B4C05AFD7A" }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A8C1715-DCA1-4C83-B817-9366172CFC1D" }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "307B69DB-CFFB-49BA-A126-134EEE735FCC" }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7c:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6532CB60-B8FA-418D-B077-FCC4EE24C1A9" }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7d:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B53567F-C65B-4E1F-BBF7-4F55C845A83A" }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7e:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB3DC32A-09AF-4DC9-A78E-E951847B76A8" }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7f:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6537BC21-D7C5-4EEB-BE7A-D1C9A27E290D" }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7g:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9C0E835-9CB2-4700-8216-EC2F1BCB4CB6" }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.7i:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FC44FEA-FB88-4620-B200-E188C7A2BFAA" }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DABFA50-3C45-4841-945B-FBC40B9C94B7" }, { "criteria": "cpe:2.3:a:cacti:cacti:0.8.8a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ACD91588-5963-4CDE-8C51-B2B4C75C1628" } ], "operator": "OR" } ] } ]