AlienVault USM and OSSIM prior to 5.3.7 and NfSen prior to 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
alienvault ossim |
||
alienvault unified security management |
||
nfsen nfsen |