Open Source Security Information Management (OSSIM) prior to 2.1.2 allows remote malicious users to bypass authentication, and read graphs or infrastructure information, via a direct request to (1) graphs/alarms_events.php or (2) host/draw_tree.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
alienvault ossim |
||
alienvault ossim 1.0.6 |
||
alienvault ossim 1.0.4 |