CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-35701

An issue was discovered in Cacti 1.2.x through 1.2.16. A SQL injection vulnerability in data_debug.php allows remote authenticated attackers to execute arbitrary SQL commands via the site_id parameter. This can lead to remote code execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.059

EPSS Ranking 90.1%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

Products affected by CVE-2020-35701

Cacti » Cacti » Version: 1.2.0

cpe:2.3:a:cacti:cacti:1.2.0
Cacti » Cacti » Version: 1.2.1

cpe:2.3:a:cacti:cacti:1.2.1
Cacti » Cacti » Version: 1.2.10

cpe:2.3:a:cacti:cacti:1.2.10
Cacti » Cacti » Version: 1.2.11

cpe:2.3:a:cacti:cacti:1.2.11
Cacti » Cacti » Version: 1.2.12

cpe:2.3:a:cacti:cacti:1.2.12
Cacti » Cacti » Version: 1.2.13

cpe:2.3:a:cacti:cacti:1.2.13
Cacti » Cacti » Version: 1.2.14

cpe:2.3:a:cacti:cacti:1.2.14
Cacti » Cacti » Version: 1.2.15

cpe:2.3:a:cacti:cacti:1.2.15
Cacti » Cacti » Version: 1.2.16

cpe:2.3:a:cacti:cacti:1.2.16
Cacti » Cacti » Version: 1.2.2

cpe:2.3:a:cacti:cacti:1.2.2
Cacti » Cacti » Version: 1.2.3

cpe:2.3:a:cacti:cacti:1.2.3
Cacti » Cacti » Version: 1.2.4

cpe:2.3:a:cacti:cacti:1.2.4
Cacti » Cacti » Version: 1.2.5

cpe:2.3:a:cacti:cacti:1.2.5
Cacti » Cacti » Version: 1.2.6

cpe:2.3:a:cacti:cacti:1.2.6
Cacti » Cacti » Version: 1.2.7

cpe:2.3:a:cacti:cacti:1.2.7
Cacti » Cacti » Version: 1.2.8

cpe:2.3:a:cacti:cacti:1.2.8
Cacti » Cacti » Version: 1.2.9

cpe:2.3:a:cacti:cacti:1.2.9
Fedoraproject » Fedora » Version: 32

cpe:2.3:o:fedoraproject:fedora:32
Fedoraproject » Fedora » Version: 33

cpe:2.3:o:fedoraproject:fedora:33
Fedoraproject » Fedora » Version: 34

cpe:2.3:o:fedoraproject:fedora:34

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-35701

Products

Pricing

Contact Us