What is the vulnerability ID CVE-2011-4824 about?

CVE-2011-4824 describes an SQL injection vulnerability in auth_login.php in Cacti versions before 0.8.7h that allows remote attackers to execute arbitrary SQL commands via the login_username parameter.

What are the affected versions for CVE-2011-4824?

CVE-2011-4824 affects Cacti versions including 0.5, 0.8.0 - 0.8.7g before the fix was applied.

How do I fix CVE-2011-4824?

To fix CVE-2011-4824, upgrade Cacti to version 0.8.7h or later.

What type of attack does CVE-2011-4824 allow?

CVE-2011-4824 allows attackers to perform SQL injection attacks.

What is the significance of CVE-2011-4824?

The significance of CVE-2011-4824 lies in its potential to compromise the database integrity by executing arbitrary SQL commands.

Vulnerability/
CVE-2011-4824

high

7.5

CWE

15/12/2011

7/8/2024

CVE-2011-4824: SQL Injection

First published: Thu Dec 15 2011(Updated: )

SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Cacti	=0.5
Cacti	=0.8.6k
Cacti	=0.8.6d
Cacti	=0.6.3
Cacti	=0.8.7
Cacti	=0.8.5a
Cacti	=0.8.3
Cacti	=0.6.8
Cacti	=0.8.2
Cacti	=0.8.5
Cacti	=0.6.6
Cacti	=0.8.7d
Cacti	=0.8.7b
Cacti	=0.8.7a
Cacti	=0.6.2
Cacti	=0.6.5
Cacti	=0.8.6f
Cacti	=0.8.6g
Cacti	=0.8.6j
Cacti	=0.8.7c
Cacti	=0.6.1
Cacti	=0.8
Cacti	<=0.8.7g
Cacti	=0.8.7e
Cacti	=0.8.6a
Cacti	=0.8.6i
Cacti	=0.8.6
Cacti	=0.6.8a
Cacti	=0.6.7
Cacti	=0.8.1
Cacti	=0.8.4
Cacti	=0.8.6c
Cacti	=0.6.4
Cacti	=0.8.6b
Cacti	=0.8.2a
Cacti	=0.8.3a
Cacti	=0.8.6h
Cacti	=0.6

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability ID CVE-2011-4824 about?
CVE-2011-4824 describes an SQL injection vulnerability in auth_login.php in Cacti versions before 0.8.7h that allows remote attackers to execute arbitrary SQL commands via the login_username parameter.
What are the affected versions for CVE-2011-4824?
CVE-2011-4824 affects Cacti versions including 0.5, 0.8.0 - 0.8.7g before the fix was applied.
How do I fix CVE-2011-4824?
To fix CVE-2011-4824, upgrade Cacti to version 0.8.7h or later.
What type of attack does CVE-2011-4824 allow?
CVE-2011-4824 allows attackers to perform SQL injection attacks.
What is the significance of CVE-2011-4824?
The significance of CVE-2011-4824 lies in its potential to compromise the database integrity by executing arbitrary SQL commands.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/author
agent/references
agent/severity
agent/event
agent/first-publish-date
agent/description
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
agent/weakness
vendor/cacti
canonical/cacti
version/cacti/0.5
version/cacti/0.8.6k
version/cacti/0.8.6d
version/cacti/0.6.3
version/cacti/0.8.7
version/cacti/0.8.5a
version/cacti/0.8.3
version/cacti/0.6.8
version/cacti/0.8.2
version/cacti/0.8.5
version/cacti/0.6.6
version/cacti/0.8.7d
version/cacti/0.8.7b
version/cacti/0.8.7a
version/cacti/0.6.2
version/cacti/0.6.5
version/cacti/0.8.6f
version/cacti/0.8.6g
version/cacti/0.8.6j
version/cacti/0.8.7c
version/cacti/0.6.1
version/cacti/0.8
version/cacti/0.8.7g
version/cacti/0.8.7e
version/cacti/0.8.6a
version/cacti/0.8.6i
version/cacti/0.8.6
version/cacti/0.6.8a
version/cacti/0.6.7
version/cacti/0.8.1
version/cacti/0.8.4
version/cacti/0.8.6c
version/cacti/0.6.4
version/cacti/0.8.6b
version/cacti/0.8.2a
version/cacti/0.8.3a
version/cacti/0.8.6h
version/cacti/0.6