Lucene search

[email protected]NVD:CVE-2010-2544

HistoryAug 23, 2010 - 10:00 p.m.

CVE-2010-2544

2010-08-2322:00:03

CWE-79

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.5 Medium

AI Score

Confidence

High

0.023 Low

EPSS

Percentile

89.8%

JSON

Cross-site scripting (XSS) vulnerability in utilities.php in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote attackers to inject arbitrary web script or HTML via the filter parameter.

Affected configurations

NVD

Node

cacticactiRange≤0.8.7f

cacticactiMatch0.5-

cacticactiMatch0.6

cacticactiMatch0.6.1

cacticactiMatch0.6.2

cacticactiMatch0.6.3

cacticactiMatch0.6.4

cacticactiMatch0.6.5

cacticactiMatch0.6.6

cacticactiMatch0.6.7

cacticactiMatch0.6.8

cacticactiMatch0.6.8a

cacticactiMatch0.8

cacticactiMatch0.8.1

cacticactiMatch0.8.2

cacticactiMatch0.8.2a

cacticactiMatch0.8.3

cacticactiMatch0.8.3a

cacticactiMatch0.8.4

cacticactiMatch0.8.5

cacticactiMatch0.8.5a

cacticactiMatch0.8.6

cacticactiMatch0.8.6a

cacticactiMatch0.8.6b

cacticactiMatch0.8.6c

cacticactiMatch0.8.6d

cacticactiMatch0.8.6f

cacticactiMatch0.8.6g

cacticactiMatch0.8.6h

cacticactiMatch0.8.6i

cacticactiMatch0.8.6j

cacticactiMatch0.8.6k

cacticactiMatch0.8.7

cacticactiMatch0.8.7a

cacticactiMatch0.8.7b

cacticactiMatch0.8.7c

cacticactiMatch0.8.7d

cacticactiMatch0.8.7e

References

cacti.net/release_notes_0_8_7g.php

marc.info/?l=oss-security&m=127978954522586&w=2

marc.info/?l=oss-security&m=128017203704299&w=2

secunia.com/advisories/41041

svn.cacti.net/viewvc/cacti/branches/0.8.7/utilities.php?r1=6025&r2=6024&pathrev=6025

svn.cacti.net/viewvc?view=rev&revision=6025

www.mandriva.com/security/advisories?name=MDVSA-2010:160

www.securityfocus.com/bid/42575

www.vupen.com/english/advisories/2010/2132

bugzilla.redhat.com/show_bug.cgi?id=459105

exchange.xforce.ibmcloud.com/vulnerabilities/61226

rhn.redhat.com/errata/RHSA-2010-0635.html

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.5 Medium

AI Score

Confidence

High

0.023 Low

EPSS

Percentile

89.8%

JSON

Related for NVD:CVE-2010-2544

cvelist1 prion1 checkpoint_advisories1 debiancve1 ubuntucve1 cve1 veracode1 nessus2 openvas5 gentoo1