{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T17:17:46.770","vulnerabilities":[{"cve":{"id":"CVE-2014-2327","sourceIdentifier":"cve@mitre.org","published":"2014-04-23T15:55:03.390","lastModified":"2025-04-12T10:46:40.837","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site request forgery (CSRF) vulnerability in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to hijack the authentication of users for unspecified commands, as demonstrated by requests that (1) modify binary files, (2) modify configurations, or (3) add arbitrary users."},{"lang":"es","value":"Vulnerabilidad de CSRF en Cacti 0.8.7g, 0.8.8b y anteriores permite a atacantes remotos secuestrar la autenticaciĆ³n de usuarios para comandos no especificados, tal y como fue demostrado por solicitudes que (1)modifican archivos binarios, (2) modifican configuraciones o (3) aƱaden usuarios arbitrarios."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*","versionStartIncluding":"0.8.7","versionEndIncluding":"0.8.7g","matchCriteriaId":"D08EEA74-DEA9-4547-9028-9FE66BAF1CA3"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*","versionStartIncluding":"0.8.8","versionEndIncluding":"0.8.8b","matchCriteriaId":"AA00CF6C-501D-4212-A6C8-85644E40455C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"16F59A04-14CF-49E2-9973-645477EA09DA"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","matchCriteriaId":"A10BC294-9196-425F-9FB0-B1625465B47F"},{"vulnerable":true,"criteria":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","matchCriteriaId":"03117DF1-3BEC-4B8D-AD63-DBBDB2126081"}]}]}],"references":[{"url":"http://jvn.jp/en/jp/JVN55076671/index.html","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-002239.html","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://secunia.com/advisories/59203","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www.debian.org/security/2014/dsa-2970","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www.securityfocus.com/archive/1/531588","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securityfocus.com/bid/66392","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/201509-03","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://jvn.jp/en/jp/JVN55076671/index.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-002239.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://secunia.com/advisories/59203","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www.debian.org/security/2014/dsa-2970","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www.securityfocus.com/archive/1/531588","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securityfocus.com/bid/66392","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/201509-03","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}