The av-centerd SOAP service in AlienVault OSSIM prior to 4.7.0 allows remote malicious users to execute arbitrary commands via a crafted (1) update_system_info_debian_package, (2) ossec_task, (3) set_ossim_setup admin_ip, (4) sync_rserver, or (5) set_ossim_setup framework_ip request, a different vulnerability than CVE-2014-3805.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
alienvault open source security information management 4.6 |
||
alienvault open source security information management 4.5 |
||
alienvault open source security information management 4.4 |
||
alienvault open source security information management 4.2 |
||
alienvault open source security information management 4.2.2 |
||
alienvault open source security information management 4.0.4 |
||
alienvault open source security information management 4.1 |
||
alienvault open source security information management 4.3.1 |
||
alienvault open source security information management 4.3.2 |
||
alienvault open source security information management 4.0 |
||
alienvault open source security information management |
||
alienvault open source security information management 4.1.2 |
||
alienvault open source security information management 4.1.3 |
||
alienvault open source security information management 4.3.3 |
||
alienvault open source security information management 4.0.3 |
||
alienvault open source security information management 4.2.3 |
||
alienvault open source security information management 4.3 |
Vulmon