ByteOS Network

Vulnerability Details :

CVE-2014-2326

Assigner-mitre

Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At-27 Mar, 2014 | 16:00

Updated At-06 Aug, 2024 | 10:06

Cross-site scripting (XSS) vulnerability in cdef.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:mitre

Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At:27 Mar, 2014 | 16:00

Updated At:06 Aug, 2024 | 10:06

▼CVE Numbering Authority (CNA)

Cross-site scripting (XSS) vulnerability in cdef.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://svn.cacti.net/viewvc?view=rev&revision=7443	x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html	vendor-advisory x_refsource_FEDORA
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768	x_refsource_CONFIRM
http://www.securityfocus.com/archive/1/531588	mailing-list x_refsource_BUGTRAQ
http://secunia.com/advisories/59203	third-party-advisory x_refsource_SECUNIA
http://bugs.cacti.net/view.php?id=2431	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html	vendor-advisory x_refsource_SUSE
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html	vendor-advisory x_refsource_FEDORA
http://www.securityfocus.com/bid/66390	vdb-entry x_refsource_BID
http://secunia.com/advisories/57647	third-party-advisory x_refsource_SECUNIA
http://www.debian.org/security/2014/dsa-2970	vendor-advisory x_refsource_DEBIAN
http://packetstormsecurity.com/files/125849/Deutsche-Telekom-CERT-Advisory-DTC-A-20140324-001.html	x_refsource_MISC
https://security.gentoo.org/glsa/201509-03	vendor-advisory x_refsource_GENTOO

Hyperlink: http://svn.cacti.net/viewvc?view=rev&revision=7443

Resource:

x_refsource_CONFIRM

Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html

Resource:

vendor-advisory

x_refsource_FEDORA

Hyperlink: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.securityfocus.com/archive/1/531588

Resource:

mailing-list

x_refsource_BUGTRAQ

Hyperlink: http://secunia.com/advisories/59203

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://bugs.cacti.net/view.php?id=2431

Resource:

x_refsource_CONFIRM

Hyperlink: http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html

Resource:

vendor-advisory

x_refsource_SUSE

Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html

Resource:

vendor-advisory

x_refsource_FEDORA

Hyperlink: http://www.securityfocus.com/bid/66390

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://secunia.com/advisories/57647

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.debian.org/security/2014/dsa-2970

Resource:

vendor-advisory

x_refsource_DEBIAN

Hyperlink: http://packetstormsecurity.com/files/125849/Deutsche-Telekom-CERT-Advisory-DTC-A-20140324-001.html

Resource:

x_refsource_MISC

Hyperlink: https://security.gentoo.org/glsa/201509-03

Resource:

vendor-advisory

x_refsource_GENTOO

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://svn.cacti.net/viewvc?view=rev&revision=7443	x_refsource_CONFIRM x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html	vendor-advisory x_refsource_FEDORA x_transferred
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768	x_refsource_CONFIRM x_transferred
http://www.securityfocus.com/archive/1/531588	mailing-list x_refsource_BUGTRAQ x_transferred
http://secunia.com/advisories/59203	third-party-advisory x_refsource_SECUNIA x_transferred
http://bugs.cacti.net/view.php?id=2431	x_refsource_CONFIRM x_transferred
http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html	vendor-advisory x_refsource_SUSE x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html	vendor-advisory x_refsource_FEDORA x_transferred
http://www.securityfocus.com/bid/66390	vdb-entry x_refsource_BID x_transferred
http://secunia.com/advisories/57647	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.debian.org/security/2014/dsa-2970	vendor-advisory x_refsource_DEBIAN x_transferred
http://packetstormsecurity.com/files/125849/Deutsche-Telekom-CERT-Advisory-DTC-A-20140324-001.html	x_refsource_MISC x_transferred
https://security.gentoo.org/glsa/201509-03	vendor-advisory x_refsource_GENTOO x_transferred

Hyperlink: http://svn.cacti.net/viewvc?view=rev&revision=7443

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html

Resource:

vendor-advisory

x_refsource_FEDORA

x_transferred

Hyperlink: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.securityfocus.com/archive/1/531588

Resource:

mailing-list

x_refsource_BUGTRAQ

x_transferred

Hyperlink: http://secunia.com/advisories/59203

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://bugs.cacti.net/view.php?id=2431

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html

Resource:

vendor-advisory

x_refsource_FEDORA

x_transferred

Hyperlink: http://www.securityfocus.com/bid/66390

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: http://secunia.com/advisories/57647

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.debian.org/security/2014/dsa-2970

Resource:

vendor-advisory

x_refsource_DEBIAN

x_transferred

Hyperlink: http://packetstormsecurity.com/files/125849/Deutsche-Telekom-CERT-Advisory-DTC-A-20140324-001.html

Resource:

x_refsource_MISC

x_transferred

Hyperlink: https://security.gentoo.org/glsa/201509-03

Resource:

vendor-advisory

x_refsource_GENTOO

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:cve@mitre.org

Published At:27 Mar, 2014 | 16:55

Updated At:12 Apr, 2025 | 10:46

Cross-site scripting (XSS) vulnerability in cdef.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N

Type: Primary

Version: 2.0

Base score: 4.3

Base severity: MEDIUM

Vector:

AV:N/AC:M/Au:N/C:N/I:P/A:N

CPE Matches

Weaknesses

CWE ID	Type	Source
CWE-79	Primary	nvd@nist.gov

CWE ID: CWE-79

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://bugs.cacti.net/view.php?id=2431	cve@mitre.org	Issue Tracking
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html	cve@mitre.org	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html	cve@mitre.org	Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html	cve@mitre.org	Third Party Advisory
http://packetstormsecurity.com/files/125849/Deutsche-Telekom-CERT-Advisory-DTC-A-20140324-001.html	cve@mitre.org	Exploit Third Party Advisory VDB Entry
http://secunia.com/advisories/57647	cve@mitre.org	N/A
http://secunia.com/advisories/59203	cve@mitre.org	N/A
http://svn.cacti.net/viewvc?view=rev&revision=7443	cve@mitre.org	Issue Tracking Patch
http://www.debian.org/security/2014/dsa-2970	cve@mitre.org	Third Party Advisory
http://www.securityfocus.com/archive/1/531588	cve@mitre.org	Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/66390	cve@mitre.org	Third Party Advisory VDB Entry
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768	cve@mitre.org	Issue Tracking Third Party Advisory
https://security.gentoo.org/glsa/201509-03	cve@mitre.org	N/A
http://bugs.cacti.net/view.php?id=2431	af854a3a-2127-422b-91ae-364da2661108	Issue Tracking
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
http://packetstormsecurity.com/files/125849/Deutsche-Telekom-CERT-Advisory-DTC-A-20140324-001.html	af854a3a-2127-422b-91ae-364da2661108	Exploit Third Party Advisory VDB Entry
http://secunia.com/advisories/57647	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/59203	af854a3a-2127-422b-91ae-364da2661108	N/A
http://svn.cacti.net/viewvc?view=rev&revision=7443	af854a3a-2127-422b-91ae-364da2661108	Issue Tracking Patch
http://www.debian.org/security/2014/dsa-2970	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
http://www.securityfocus.com/archive/1/531588	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/66390	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory VDB Entry
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768	af854a3a-2127-422b-91ae-364da2661108	Issue Tracking Third Party Advisory
https://security.gentoo.org/glsa/201509-03	af854a3a-2127-422b-91ae-364da2661108	N/A