Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2010-2544

Date: August 23, 2010

Cross-site scripting (XSS) vulnerability in utilities.php in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote attackers to inject arbitrary web script or HTML via the filter parameter.

Severity Score

Related Resources (15)

http://www.mandriva.com/security/advisories?name=MDVSA-2010:160
http://marc.info/?l=oss-security&m=128017203704299&w=2
http://www.vupen.com/english/advisories/2010/2132
http://www.securityfocus.com/bid/42575
https://exchange.xforce.ibmcloud.com/vulnerabilities/61226
http://secunia.com/advisories/41041
http://marc.info/?l=oss-security&m=127978954522586&w=2
https://people.canonical.com/~ubuntu-security/cve/CVE-2010-2544
http://svn.cacti.net/viewvc/cacti/branches/0.8.7/utilities.php?r1=6025&r2=6024&pathrev=6025
https://bugzilla.redhat.com/show_bug.cgi?id=459105
https://nvd.nist.gov/vuln/detail/CVE-2010-2544
https://rhn.redhat.com/errata/RHSA-2010-0635.html
http://svn.cacti.net/viewvc?view=rev&revision=6025
http://cacti.net/release_notes_0_8_7g.php
https://www.mend.io/vulnerability-database/CVE-2010-2544

Severity Score

Weakness Type (CWE)

Cross-Site Scripting (XSS)

CWE-79

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): HIGH
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): LOW
Availability (A): NONE

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): MEDIUM
Authentication (AU): NONE
Confidentiality (C): NONE
Integrity (I): PARTIAL
Availability (A): NONE
Additional information:

Do you need more information?

Contact Us