The vulnerability of the NfSen web interface, the system for management, control, and information security management of AlienVault USM and OSSIM, is related to deficiencies in access control. This allows attackers to enhance their privileges and execute arbitrary commands on the operating system.

🗓️ 07 Dec 2017 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru

NfSen web interface access control flaw enables privilege escalation and remote code execution in AlienVault USM and OSSIM.

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2017-6972	11 Jul 201700:00	–	circl
CNVD	Unspecified Vulnerability in AlienVault USM/OSSIM/NfSen	23 Mar 201700:00	–	cnvd
CVE	CVE-2017-6972	22 Mar 201720:00	–	cve
Cvelist	CVE-2017-6972	22 Mar 201720:00	–	cvelist
Exploit DB	NfSen < 1.3.7 / AlienVault OSSIM 4.3.1 - 'customfmt' Command Injection	11 Jul 201700:00	–	exploitdb
exploitpack	NfSen 1.3.7 AlienVault OSSIM 4.3.1 - customfmt Command Injection	11 Jul 201700:00	–	exploitpack
NVD	CVE-2017-6972	22 Mar 201720:59	–	nvd
OSV	CVE-2017-6972	22 Mar 201720:59	–	osv
Packet Storm	NfSen 1.3.7 / AlienVault OSSIM 4.3.1 customfnt Command Injection	11 Jul 201700:00	–	packetstorm
Prion	Code injection	22 Mar 201720:59	–	prion

Vulners

Node

alienvault usmRange<5.3.7

OR

alienvault ossimRange<5.3.7

OR

nfsen nfsenRange<1.3.8

Source	Link
securityfocus	www.securityfocus.com/bid/97016
sourceforge	www.sourceforge.net/p/nfsen/news/2017/01/nfsen-138-released---security-fix/
alienvault	www.alienvault.com/forums/discussion/8698
exploit-db	www.exploit-db.com/exploits/42314/
web	www.web.nvd.nist.gov/view/vuln/detail

23 Mar 2021 00:00Current

8.1High risk

Vulners AI Score8.1

CVSS 39.8

CVSS 210

EPSS0.19058

web interface open source security alienvault management privilege escalation remote code execution