Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-8pnc-kuf5-jqda
Vulnerability ID VCID-8pnc-kuf5-jqda
Aliases CVE-2015-8369
Summary Multiple vulnerabilities have been found in Cacti, the worst of which could lead to the remote execution of arbitrary code.
Status Published
Exploitability 0.5
Weighted Severity 6.8
Risk 3.4
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
System Score Found at
epss 0.00495 https://api.first.org/data/v1/epss?cve=CVE-2015-8369
epss 0.00495 https://api.first.org/data/v1/epss?cve=CVE-2015-8369
epss 0.00495 https://api.first.org/data/v1/epss?cve=CVE-2015-8369
epss 0.00495 https://api.first.org/data/v1/epss?cve=CVE-2015-8369
epss 0.00495 https://api.first.org/data/v1/epss?cve=CVE-2015-8369
epss 0.00495 https://api.first.org/data/v1/epss?cve=CVE-2015-8369
epss 0.00495 https://api.first.org/data/v1/epss?cve=CVE-2015-8369
epss 0.00495 https://api.first.org/data/v1/epss?cve=CVE-2015-8369
epss 0.00495 https://api.first.org/data/v1/epss?cve=CVE-2015-8369
cvssv2 7.5 https://nvd.nist.gov/vuln/detail/CVE-2015-8369
Reference id Reference type URL
http://bugs.cacti.net/view.php?id=2646
http://packetstormsecurity.com/files/134724/Cacti-0.8.8f-SQL-Injection.html
https://api.first.org/data/v1/epss?cve=CVE-2015-8369
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8369
http://seclists.org/fulldisclosure/2015/Dec/8
http://www.debian.org/security/2015/dsa-3423
http://www.securitytracker.com/id/1034497
807599 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=807599
cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*
CVE-2015-8369 https://nvd.nist.gov/vuln/detail/CVE-2015-8369
GLSA-201607-05 https://security.gentoo.org/glsa/201607-05
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2015-8369
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.65689
EPSS Score 0.00495
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:03:43.510593+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/201607-05 38.0.0