What is the severity of CVE-2013-5589?

CVE-2013-5589 has been classified as a medium-severity vulnerability.

How do I fix CVE-2013-5589?

To fix CVE-2013-5589, it is recommended to upgrade to Cacti version 0.8.8c or later.

What type of vulnerability is CVE-2013-5589?

CVE-2013-5589 is an SQL injection vulnerability found in Cacti.

Which versions are affected by CVE-2013-5589?

CVE-2013-5589 affects Cacti versions 0.8.8b and earlier, as well as certain Debian and openSUSE versions.

Can CVE-2013-5589 be exploited remotely?

Yes, CVE-2013-5589 can be exploited remotely by attackers to execute arbitrary SQL commands.

Vulnerability/
CVE-2013-5589

high

7.5

CWE

29/8/2013

6/8/2024

CVE-2013-5589: SQL Injection

First published: Thu Aug 29 2013(Updated: )

SQL injection vulnerability in cacti/host.php in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

Credit: security@debian.org

Affected Software	Affected Version	How to fix
Debian Linux	=7.0
Cacti	<=0.8.8b
Cacti	=0.8
Cacti	=0.8.1
Cacti	=0.8.2
Cacti	=0.8.2a
Cacti	=0.8.3
Cacti	=0.8.3a
Cacti	=0.8.4
Cacti	=0.8.5
Cacti	=0.8.5a
Cacti	=0.8.6
Cacti	=0.8.6a
Cacti	=0.8.6b
Cacti	=0.8.6c
Cacti	=0.8.6d
Cacti	=0.8.6e
Cacti	=0.8.6f
Cacti	=0.8.6g
Cacti	=0.8.6h
Cacti	=0.8.6i
Cacti	=0.8.6j
Cacti	=0.8.6k
Cacti	=0.8.7
Cacti	=0.8.7a
Cacti	=0.8.7b
Cacti	=0.8.7c
Cacti	=0.8.7d
Cacti	=0.8.7e
Cacti	=0.8.7f
Cacti	=0.8.7g
Cacti	=0.8.7h
Cacti	=0.8.7i
Cacti	=0.8.8
Cacti	=0.8.8a
openSUSE	=13.1
openSUSE	=13.2

Remedy

http://bugs.cacti.net/view.php?id=2383

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-5589?
CVE-2013-5589 has been classified as a medium-severity vulnerability.
How do I fix CVE-2013-5589?
To fix CVE-2013-5589, it is recommended to upgrade to Cacti version 0.8.8c or later.
What type of vulnerability is CVE-2013-5589?
CVE-2013-5589 is an SQL injection vulnerability found in Cacti.
Which versions are affected by CVE-2013-5589?
CVE-2013-5589 affects Cacti versions 0.8.8b and earlier, as well as certain Debian and openSUSE versions.
Can CVE-2013-5589 be exploited remotely?
Yes, CVE-2013-5589 can be exploited remotely by attackers to execute arbitrary SQL commands.

agent/type
agent/references
agent/author
agent/severity
agent/remedy
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/weakness
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/debian
canonical/debian linux
version/debian linux/7.0
vendor/cacti
canonical/cacti
version/cacti/0.8.8b
version/cacti/0.8
version/cacti/0.8.1
version/cacti/0.8.2
version/cacti/0.8.2a
version/cacti/0.8.3
version/cacti/0.8.3a
version/cacti/0.8.4
version/cacti/0.8.5
version/cacti/0.8.5a
version/cacti/0.8.6
version/cacti/0.8.6a
version/cacti/0.8.6b
version/cacti/0.8.6c
version/cacti/0.8.6d
version/cacti/0.8.6e
version/cacti/0.8.6f
version/cacti/0.8.6g
version/cacti/0.8.6h
version/cacti/0.8.6i
version/cacti/0.8.6j
version/cacti/0.8.6k
version/cacti/0.8.7
version/cacti/0.8.7a
version/cacti/0.8.7b
version/cacti/0.8.7c
version/cacti/0.8.7d
version/cacti/0.8.7e
version/cacti/0.8.7f
version/cacti/0.8.7g
version/cacti/0.8.7h
version/cacti/0.8.7i
version/cacti/0.8.8
version/cacti/0.8.8a
vendor/opensuse
canonical/opensuse
version/opensuse/13.1
version/opensuse/13.2