CVE-2010-1645

Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in (1) the FQDN field of a Device or (2) the Vertical Label field of a Graph Template.

CVSS v2.0 6.5 MEDIUM

6.5^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 8.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://svn.cacti.net/viewvc?view=rev&revision=5782
http://svn.cacti.net/viewvc?view=rev&revision=5778
http://secunia.com/advisories/41041	Vendor Advisory
http://www.bonsai-sec.com/en/research/vulnerabilities/cacti-os-command-injection-0105.php
http://svn.cacti.net/viewvc?view=rev&revision=5784
https://rhn.redhat.com/errata/RHSA-2010-0635.html
http://www.cacti.net/release_notes_0_8_7f.php
https://bugzilla.redhat.com/show_bug.cgi?id=609115
http://www.mandriva.com/security/advisories?name=MDVSA-2010:160
http://www.vupen.com/english/advisories/2010/2132

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cacti:cacti:0.6.1:::::::*
	cpe:2.3:a:cacti:cacti:0.6:::::::*
	cpe:2.3:a:cacti:cacti:0.6.6:::::::*
	cpe:2.3:a:cacti:cacti:0.6.5:::::::*
	cpe:2.3:a:cacti:cacti:0.6.2:::::::*
	cpe:2.3:a:cacti:cacti:0.8.7:::::::*
	cpe:2.3:a:cacti:cacti:0.8.6g:::::::*
	cpe:2.3:a:cacti:cacti:0.8.6:::::::*
	cpe:2.3:a:cacti:cacti:0.8.7a:::::::*
	cpe:2.3:a:cacti:cacti:0.6.8a:::::::*
	cpe:2.3:a:cacti:cacti:0.8.2:::::::*
	cpe:2.3:a:cacti:cacti:0.5:-::::::
	cpe:2.3:a:cacti:cacti:0.8.6d:::::::*
	cpe:2.3:a:cacti:cacti:0.6.3:::::::*
	cpe:2.3:a:cacti:cacti:0.8.5a:::::::*
	cpe:2.3:a:cacti:cacti:0.6.8:::::::*
	cpe:2.3:a:cacti:cacti:0.8.5:::::::*
	cpe:2.3:a:cacti:cacti:0.8.7d:::::::*
	cpe:2.3:a:cacti:cacti:0.8.7b:::::::*
	cpe:2.3:a:cacti:cacti:0.8.6f:::::::*
	cpe:2.3:a:cacti:cacti:0.8.6j:::::::*
	cpe:2.3:a:cacti:cacti:0.8.7c:::::::*
	cpe:2.3:a:cacti:cacti:0.8:::::::*
	cpe:2.3:a:cacti:cacti:0.8.6a:::::::*
	cpe:2.3:a:cacti:cacti:0.8.6i:::::::*
	cpe:2.3:a:cacti:cacti:0.6.7:::::::*
	cpe:2.3:a:cacti:cacti:0.8.1:::::::*
	cpe:2.3:a:cacti:cacti:0.8.4:::::::*
	cpe:2.3:a:cacti:cacti:0.8.6c:::::::*
	cpe:2.3:a:cacti:cacti:0.6.4:::::::*
	cpe:2.3:a:cacti:cacti:0.8.6b:::::::*
	cpe:2.3:a:cacti:cacti:0.8.2a:::::::*
	cpe:2.3:a:cacti:cacti:0.8.3a:::::::*
	cpe:2.3:a:cacti:cacti:0.8.6k:::::::*
	cpe:2.3:a:cacti:cacti:0.8.3:::::::*
	cpe:2.3:a:cacti:cacti:0.8.6h:::::::*
	cpe:2.3:a:cacti:cacti::::::::

Information

Published : 2010-08-23 15:00

Updated : 2012-02-15 20:03

NVD link : CVE-2010-1645

Mitre link : CVE-2010-1645

JSON object : View

CWE

CWE-20

Improper Input Validation

Products Affected

cacti

cacti

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://svn.cacti.net/viewvc?view=rev&revision=5782", "name": "http://svn.cacti.net/viewvc?view=rev&revision=5782", "tags": [], "refsource": "CONFIRM"}, {"url": "http://svn.cacti.net/viewvc?view=rev&revision=5778", "name": "http://svn.cacti.net/viewvc?view=rev&revision=5778", "tags": [], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/41041", "name": "41041", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.bonsai-sec.com/en/research/vulnerabilities/cacti-os-command-injection-0105.php", "name": "http://www.bonsai-sec.com/en/research/vulnerabilities/cacti-os-command-injection-0105.php", "tags": [], "refsource": "MISC"}, {"url": "http://svn.cacti.net/viewvc?view=rev&revision=5784", "name": "http://svn.cacti.net/viewvc?view=rev&revision=5784", "tags": [], "refsource": "CONFIRM"}, {"url": "https://rhn.redhat.com/errata/RHSA-2010-0635.html", "name": "RHSA-2010:0635", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.cacti.net/release_notes_0_8_7f.php", "name": "http://www.cacti.net/release_notes_0_8_7f.php", "tags": [], "refsource": "CONFIRM"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=609115", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=609115", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:160", "name": "MDVSA-2010:160", "tags": [], "refsource": "MANDRIVA"}, {"url": "http://www.vupen.com/english/advisories/2010/2132", "name": "ADV-2010-2132", "tags": [], "refsource": "VUPEN"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in (1) the FQDN field of a Device or (2) the Vertical Label field of a Graph Template."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-20"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2010-1645", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2010-08-23T22:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.6.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.6.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.6.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.6.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.6g:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.7a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.6.8a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.5:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.6d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.6.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.5a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.6.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.7d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.7b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.6f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.6j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.7c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.6a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.6i:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.6.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.6c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.6.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.6b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.2a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.3a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.6k:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:0.8.6h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "0.8.7e"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2012-02-16T04:03Z"}

6.5 /10