Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2014-2327

Cross-site request forgery (CSRF) vulnerability in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to hijack the authentication of users for unspecified commands, as demonstrated by requests that (1) modify binary files, (2) modify configurations, or (3) add arbitrary users.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.3%
CVSS Severity
CVSS v2 Score 6.8
References
Products affected by CVE-2014-2327
  • Cacti » Cacti » Version: 0.8.7
    cpe:2.3:a:cacti:cacti:0.8.7
  • Cacti » Cacti » Version: 0.8.7a
    cpe:2.3:a:cacti:cacti:0.8.7a
  • Cacti » Cacti » Version: 0.8.7b
    cpe:2.3:a:cacti:cacti:0.8.7b
  • Cacti » Cacti » Version: 0.8.7c
    cpe:2.3:a:cacti:cacti:0.8.7c
  • Cacti » Cacti » Version: 0.8.7d
    cpe:2.3:a:cacti:cacti:0.8.7d
  • Cacti » Cacti » Version: 0.8.7e
    cpe:2.3:a:cacti:cacti:0.8.7e
  • Cacti » Cacti » Version: 0.8.7f
    cpe:2.3:a:cacti:cacti:0.8.7f
  • Cacti » Cacti » Version: 0.8.7g
    cpe:2.3:a:cacti:cacti:0.8.7g
  • Cacti » Cacti » Version: 0.8.8
    cpe:2.3:a:cacti:cacti:0.8.8
  • Cacti » Cacti » Version: 0.8.8a
    cpe:2.3:a:cacti:cacti:0.8.8a
  • Cacti » Cacti » Version: 0.8.8b
    cpe:2.3:a:cacti:cacti:0.8.8b
  • Debian » Debian Linux » Version: 7.0
    cpe:2.3:o:debian:debian_linux:7.0
  • Debian » Debian Linux » Version: 8.0
    cpe:2.3:o:debian:debian_linux:8.0
  • Opensuse » Opensuse » Version: 13.1
    cpe:2.3:o:opensuse:opensuse:13.1
  • Opensuse » Opensuse » Version: 13.2
    cpe:2.3:o:opensuse:opensuse:13.2


Products
Pricing
Contact Us

Shodan ® - All rights reserved