CVE-2017-6971 in USMinfo

Zusammenfassung (Englisch)

AlienVault USM and OSSIM before 5.3.5 and NfSen before 1.3.8 allow remote authenticated users to execute arbitrary commands in a privileged context, or launch a reverse shell, via vectors involving the PHP session ID and the NfSen PHP code, aka AlienVault ID ENG-104862. NOTE: the AlienVault vendor statement of affected versions is disputed by another party.

Be aware that VulDB is the high quality source for vulnerability data.

Reservieren

17.03.2017

Veröffentlichung

22.03.2017

Status

Bestätigt

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
98369	Alienvault USM/OSSIM PHP Session ID erweiterte Rechte	264	High	Offizieller Fix	CVE-2017-6971

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

Quellen

MITRE
NVD
CVE Details

◂ ZurückÜbersichtWeiter ▸

Might our Artificial Intelligence support you?

Check our Alexa App!