CVE-2002-1477

5 documents, 5 sources
Severity: 7.5 HIGH
EPSS: 2.7% (top 14.23%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Apr 22
Latest update: Apr 30

Description

graphs.php in Cacti before 0.6.8 allows remote authenticated Cacti administrators to execute arbitrary commands via shell metacharacters in the title during edit mode.

CVSS vector

AV:N/AC:L/C:P/I:P/A:P
Exploitability: 10.0 | Impact: 6.4

Affected Packages (2 packages)

Debian | cacti | < 0.6.8a-2 +3
NVD | the_cacti_group/cacti | 10 versions +9

Patches

🔴 Vulnerability Details (3)

GHSA | GHSA-89r6-x49c-h6w2: graphs | 2022-04-30
CVEList | CVE-2002-1477: graphs | 2004-09-01
OSV | CVE-2002-1477: graphs | 2003-04-22

📋 Vendor Advisories (1)

Debian | CVE-2002-1477: cacti - graphs.php in Cacti before 0.6.8 allows remote authenticated Cacti administrator... | 2002