Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2014-4000

Опубликовано: 15 нояб. 2017
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.5
CVSS3: 8.8

Описание

Cacti before 1.0.0 allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object, related to calling unserialize(stripslashes()).

РелизСтатусПримечание
devel

not-affected

0.8.8h+ds1-8
esm-apps/xenial

not-affected

0.8.8f+ds1-4ubuntu4.16.04.1
esm-infra-legacy/trusty

released

0.8.8b+dfsg-5ubuntu0.2
precise

ignored

end of life
precise/esm

DNE

precise was needed
trusty

released

0.8.8b+dfsg-5ubuntu0.2
trusty/esm

released

0.8.8b+dfsg-5ubuntu0.2
upstream

released

1.0.0,0.8.8e
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 78%
0.011
Низкий

6.5 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2014-4000

CVSS3: 8.8
nvd
около 8 лет назад

Cacti before 1.0.0 allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object, related to calling unserialize(stripslashes()).

debian логотип

CVE-2014-4000

CVSS3: 8.8
debian
около 8 лет назад

Cacti before 1.0.0 allows remote authenticated users to conduct PHP ob ...

suse-cvrf логотип

openSUSE-SU-2017:0663-1

suse-cvrf
почти 9 лет назад

Security update for cacti

github логотип

GHSA-gr67-7v65-6xcw

CVSS3: 8.8
github
больше 3 лет назад

Cacti before 1.0.0 allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object, related to calling unserialize(stripslashes()).

EPSS

Процентиль: 78%
0.011
Низкий

6.5 Medium

CVSS2

8.8 High

CVSS3