|
Description
|
|
(#Several vulnerabilities were reported in AlienVault Unified Security Management:#- ENG-103100: predictable temporary files filenames and improper set of Content-Type header. A remote attacker could exploit it by enticing their victim into uploading a specially crafted NBE file in order to execute arbitrary JavaScript code##- ENG-103442: improper handling of specific requests to make the application unavailable##- ENG-103880: an attacker could modify requests to forge permissions and then delete alarms##- CVE-2016-8583: cross-site scripting in several parameters (including jobname, timeout, sched_id and targets) of an URL in vulnerability scan scheduler##- ENG-103929: cross-site scripting in the "User-Agent" header of the login process (CVE-2016-8581)##- ENG-103930: injection SQL in the "value" parameter of the "/ossim/dashboard/sections/widgets/data/gauge.php" page and triggerable via the "type" parameter (CVE-2016-8582)##- ENG-103931: arbitrary PHP object injection in several widget files (CVE-2016-8580)##- ENG-104047: command injection in backup password.#Updated 02/11/2016:#Proofs of concept are available (CVE-2016-8580, CVE-2016-8581, CVE-2016-8582, CVE-2016-8583).)
|
|
Vulnerable Products
|
|
Vulnerable Software:
Unified Security Management (AlienVault) - 1.0, 2.0, 3.0, 4.0, 4.1, ..., 5.2.3, 5.2.4, 5.2.5, 5.3, 5.3.1
|
