CVE-2007-3112

6 documents6 sources

Severity

7.8HIGH

EPSS

2.8%

top 13.91%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

THE Cacti Group Cacti

Timeline

PublishedJun 7

Latest updateMay 1

Description

graph_image.php in Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_start or (2) graph_end parameter, different vectors than CVE-2007-3113.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages2 packages

▶Debiancacti< 0.8.6j-1.1+3

▶NVDthe_cacti_group/cacti0.8.6i

Patches

Patch: secunia.com ↗Patch: svn.cacti.net ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-3wj7-jcqx-7j5f: graph_image↗2022-05-01

▶

OSV

CVE-2007-3112: graph_image↗2007-06-07

▶

CVEList

CVE-2007-3112: graph_image↗2007-06-07

▶

📋Vendor Advisories

Debian

CVE-2007-3112: cacti - graph_image.php in Cacti 0.8.6i, and possibly other versions, allows remote auth...↗2007

▶

💬Community

Bugzilla

CVE-2007-3112, CVE-2007-3113: cacti DoS vulnerabilities↗2007-06-10

▶