Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

alienvault ossim vulnerabilities and exploits

(subscribe to this query)
1000
VMScore
CVE-2017-6972
AlienVault USM and OSSIM prior to 5.3.7 and NfSen prior to 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971.
Alienvault OssimAlienvault Unified Security ManagementNfsen Nfsen
1000
VMScore
CVE-2014-5210
The av-centerd SOAP service in AlienVault OSSIM prior to 4.7.0 allows remote malicious users to execute arbitrary commands via a crafted (1) remote_task or (2) get_license request, a different vulnerability than CVE-2014-3804 and CVE-2014-3805.
Alienvault Open Source Security Information ManagementAlienvault Open Source Security Information Management 4.5Alienvault Open Source Security Information Management 4.3Alienvault Open Source Security Information Management 4.2.2Alienvault Open Source Security Information Management 4.0Alienvault Open Source Security Information Management 3.1.12Alienvault Open Source Security Information Management 2.1.2Alienvault Open Source Security Information Management 1.0.6Alienvault Open Source Security Information Management 4.1.3Alienvault Open Source Security Information Management 4.1.2Alienvault Open Source Security Information Management 4.1Alienvault Open Source Security Information Management 4.0.4Alienvault Open Source Security Information Management 4.0.3Alienvault Open Source Security Information Management 1.0.4Alienvault Open Source Security Information Management 4.4Alienvault Open Source Security Information Management 4.3.3Alienvault Open Source Security Information Management 4.3.2Alienvault Open Source Security Information Management 4.3.1Alienvault Open Source Security Information Management 3.1Alienvault Open Source Security Information Management 2.1.5-3Alienvault Open Source Security Information Management 2.1.5-2Alienvault Open Source Security Information Management 2.1.5-1
1000
VMScore
CVE-2014-3804
The av-centerd SOAP service in AlienVault OSSIM prior to 4.7.0 allows remote malicious users to execute arbitrary commands via a crafted (1) update_system_info_debian_package, (2) ossec_task, (3) set_ossim_setup admin_ip, (4) sync_rserver, or (5) set_ossim_setup framework_ip requ...
Alienvault Open Source Security Information Management 4.6Alienvault Open Source Security Information Management 4.5Alienvault Open Source Security Information Management 4.4Alienvault Open Source Security Information Management 4.2Alienvault Open Source Security Information Management 4.2.2Alienvault Open Source Security Information Management 4.0.4Alienvault Open Source Security Information Management 4.1Alienvault Open Source Security Information Management 4.3.1Alienvault Open Source Security Information Management 4.3.2Alienvault Open Source Security Information Management 4.0Alienvault Open Source Security Information ManagementAlienvault Open Source Security Information Management 4.1.2Alienvault Open Source Security Information Management 4.1.3Alienvault Open Source Security Information Management 4.3.3Alienvault Open Source Security Information Management 4.0.3Alienvault Open Source Security Information Management 4.2.3Alienvault Open Source Security Information Management 4.3
1000
VMScore
CVE-2014-3805
The av-centerd SOAP service in AlienVault OSSIM prior to 4.7.0 allows remote malicious users to execute arbitrary commands via a crafted (1) get_license, (2) get_log_line, or (3) update_system/upgrade_pro_web request, a different vulnerability than CVE-2014-3804.
Alienvault Open Source Security Information ManagementAlienvault Open Source Security Information Management 4.6Alienvault Open Source Security Information Management 4.1.2Alienvault Open Source Security Information Management 4.1.3Alienvault Open Source Security Information Management 4.2Alienvault Open Source Security Information Management 4.3.3Alienvault Open Source Security Information Management 4.0.3Alienvault Open Source Security Information Management 4.3Alienvault Open Source Security Information Management 4.3.1Alienvault Open Source Security Information Management 4.0Alienvault Open Source Security Information Management 4.0.4Alienvault Open Source Security Information Management 4.1Alienvault Open Source Security Information Management 4.3.2Alienvault Open Source Security Information Management 4.5Alienvault Open Source Security Information Management 4.4Alienvault Open Source Security Information Management 4.2.2Alienvault Open Source Security Information Management 4.2.3
905
VMScore
CVE-2017-7175
NfSen prior to 1.3.8 allows remote malicious users to execute arbitrary OS commands via shell metacharacters in the customfmt parameter (aka the "Custom output format" field).
Nfsen Nfsen
905
VMScore
CVE-2017-6971
AlienVault USM and OSSIM prior to 5.3.7 and NfSen prior to 1.3.8 allow remote authenticated users to execute arbitrary commands in a privileged context, or launch a reverse shell, via vectors involving the PHP session ID and the NfSen PHP code, aka AlienVault ID ENG-104862.
Alienvault OssimAlienvault Unified Security ManagementNfsen Nfsen
890
VMScore
CVE-2014-5158
The (1) av-centerd SOAP service and (2) backup command in the ossim-framework service in AlienVault OSSIM prior to 4.6.0 allows remote malicious users to execute arbitrary commands via unspecified vectors.
Alienvault Open Source Security Information ManagementAlienvault Open Source Security Information Management 4.3Alienvault Open Source Security Information Management 4.2.2Alienvault Open Source Security Information Management 4.0Alienvault Open Source Security Information Management 3.1.12Alienvault Open Source Security Information Management 2.1.5-1Alienvault Open Source Security Information Management 2.1.2Alienvault Open Source Security Information Management 1.0.6Alienvault Open Source Security Information Management 4.2.3Alienvault Open Source Security Information Management 4.2Alienvault Open Source Security Information Management 4.0.3Alienvault Open Source Security Information Management 3.1.9Alienvault Open Source Security Information Management 2.1.5Alienvault Open Source Security Information Management 2.1Alienvault Open Source Security Information Management 4.4Alienvault Open Source Security Information Management 4.3.3Alienvault Open Source Security Information Management 4.3.2Alienvault Open Source Security Information Management 4.3.1Alienvault Open Source Security Information Management 3.1.10Alienvault Open Source Security Information Management 3.1Alienvault Open Source Security Information Management 2.1.5-3Alienvault Open Source Security Information Management 2.1.5-2
890
VMScore
CVE-2014-4152
The av-centerd SOAP service in AlienVault OSSIM prior to 4.8.0 allows remote malicious users to execute arbitrary code via a crafted remote_task request, related to injecting an ssh public key.
Alienvault Open Source Security Information Management 4.6.1Alienvault Open Source Security Information Management 4.0Alienvault Open Source Security Information Management 4.6Alienvault Open Source Security Information Management 4.5Alienvault Open Source Security Information Management 4.4Alienvault Open Source Security Information Management 4.3.3Alienvault Open Source Security Information Management
890
VMScore
CVE-2014-4151
The av-centerd SOAP service in AlienVault OSSIM prior to 4.8.0 allows remote malicious users to create arbitrary files and execute arbitrary code via a crafted set_file request.
Alienvault Open Source Security Information Management 4.6Alienvault Open Source Security Information Management 4.5Alienvault Open Source Security Information Management 4.4Alienvault Open Source Security Information Management 4.3.3Alienvault Open Source Security Information ManagementAlienvault Open Source Security Information Management 4.6.1Alienvault Open Source Security Information Management 4.0
785
VMScore
CVE-2014-4153
The av-centerd SOAP service in AlienVault OSSIM prior to 4.8.0 allows remote malicious users to read arbitrary files via a crafted get_file request.
Alienvault Open Source Security Information Management 4.6Alienvault Open Source Security Information Management 4.5Alienvault Open Source Security Information Management 4.4Alienvault Open Source Security Information Management 4.3.3Alienvault Open Source Security Information Management 4.0Alienvault Open Source Security Information ManagementAlienvault Open Source Security Information Management 4.6.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248CVE-2024-3110CVE-2024-5552CVE-2024-29415HTML injectionCVE-2024-3095TCPtype confusionCVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook