CVE-2011-5223

Cross-site request forgery (CSRF) vulnerability in logout.php in Cacti before 0.8.7i allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Published: Oct 25, 2012
Updated: Apr 13, 2023
CVE: CVE-2011-5223
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
cacti / cacti	0.8.6k	0.8.6k.x
cacti / cacti	0.8.6d	0.8.6d.x
cacti / cacti	0.6.3	0.6.3.x
cacti / cacti	0.5	0.5.x
cacti / cacti	0.8.7	0.8.7.x
cacti / cacti	0.8.5a	0.8.5a.x
cacti / cacti	0.8.3	0.8.3.x
cacti / cacti	0.6.8	0.6.8.x
cacti / cacti	0.8.2	0.8.2.x
cacti / cacti	0.8.5	0.8.5.x
cacti / cacti	0.6.6	0.6.6.x
cacti / cacti	0.8.7d	0.8.7d.x
cacti / cacti	0.8.7b	0.8.7b.x
cacti / cacti	0.8.7a	0.8.7a.x
cacti / cacti	0.6.2	0.6.2.x
cacti / cacti	0.6.5	0.6.5.x
cacti / cacti	0.8.6f	0.8.6f.x
cacti / cacti	0.8.6g	0.8.6g.x
cacti / cacti	0.8.6j	0.8.6j.x
cacti / cacti	0.8.7c	0.8.7c.x
cacti / cacti	0.6.1	0.6.1.x
cacti / cacti	0.8	0.8.x
cacti / cacti	0.8.7f	0.8.7f.x
cacti / cacti	0.8.7e	0.8.7e.x
cacti / cacti	0.8.6a	0.8.6a.x
cacti / cacti	0.8.6i	0.8.6i.x
cacti / cacti	0.8.6	0.8.6.x
cacti / cacti	0.6.8a	0.6.8a.x
cacti / cacti	0.6.7	0.6.7.x
cacti / cacti	0.8.1	0.8.1.x
cacti / cacti	0.8.4	0.8.4.x
cacti / cacti	0.8.6c	0.8.6c.x
cacti / cacti	0.6.4	0.6.4.x
cacti / cacti	-	0.8.7h.x
cacti / cacti	0.8.6b	0.8.6b.x
cacti / cacti	0.8.7g	0.8.7g.x
cacti / cacti	0.8.3a	0.8.3a.x
cacti / cacti	0.8.6h	0.8.6h.x
cacti / cacti	0.6	0.6.x

Vulnerability Database

289,782

CVE-2011-5223