CVE-2011-5223

Cross-site request forgery (CSRF) vulnerability in logout.php in Cacti before 0.8.7i allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 66%
VendorProductVersion
cacticacti
𝑥
≤ 0.8.7h
cacticacti
0.5
cacticacti
0.6
cacticacti
0.6.1
cacticacti
0.6.2
cacticacti
0.6.3
cacticacti
0.6.4
cacticacti
0.6.5
cacticacti
0.6.6
cacticacti
0.6.7
cacticacti
0.6.8
cacticacti
0.6.8a:a
cacticacti
0.8
cacticacti
0.8.1
cacticacti
0.8.2
cacticacti
0.8.3
cacticacti
0.8.3a:a
cacticacti
0.8.4
cacticacti
0.8.5
cacticacti
0.8.5a:a
cacticacti
0.8.6
cacticacti
0.8.6a:a
cacticacti
0.8.6b:b
cacticacti
0.8.6c:c
cacticacti
0.8.6d:d
cacticacti
0.8.6f:f
cacticacti
0.8.6g:g
cacticacti
0.8.6h:h
cacticacti
0.8.6i:i
cacticacti
0.8.6j:j
cacticacti
0.8.6k:k
cacticacti
0.8.7
cacticacti
0.8.7a:a
cacticacti
0.8.7b:b
cacticacti
0.8.7c:c
cacticacti
0.8.7d:d
cacticacti
0.8.7e:e
cacticacti
0.8.7f:f
cacticacti
0.8.7g:g
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
cacti
bullseye
1.2.16+ds1-2+deb11u3
fixed
bullseye (security)
1.2.16+ds1-2+deb11u4
fixed
bookworm
1.2.24+ds1-1+deb12u4
fixed
bookworm (security)
1.2.24+ds1-1+deb12u2
fixed
sid
1.2.28+ds1-2
fixed
trixie
1.2.28+ds1-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
cacti
saucy
not-affected
raring
not-affected
quantal
not-affected
precise
not-affected
oneiric
ignored
natty
ignored
lucid
ignored
hardy
ignored
Common Weakness Enumeration
References
http://bugs.cacti.net/view.php?id=2062
http://forums.cacti.net/viewtopic.php?f=21&t=44116
http://forums.cacti.net/viewtopic.php?f=4&t=45871
http://secunia.com/advisories/47195
http://www.securityfocus.com/bid/51048
https://exchange.xforce.ibmcloud.com/vulnerabilities/71792
http://bugs.cacti.net/view.php?id=2062
http://forums.cacti.net/viewtopic.php?f=21&t=44116
http://forums.cacti.net/viewtopic.php?f=4&t=45871
http://secunia.com/advisories/47195
http://www.securityfocus.com/bid/51048
https://exchange.xforce.ibmcloud.com/vulnerabilities/71792