Lucene search
HistoryOct 03, 2022 - 4:24 p.m.
CVE-2009-4375
cve-2009-4375
sql injection
repository_attachment.php
alienvault open source
ossim
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.4 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
61.1%
SQL injection vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers to execute arbitrary SQL commands via the id_document parameter.
Affected configurations
Node
alienvaultopen_source_security_information_managementMatch2.1.5
ORalienvaultopen_source_security_information_managementMatch2.1.5-1
ORalienvaultopen_source_security_information_managementMatch2.1.5-2
ORalienvaultopen_source_security_information_managementMatch2.1.5-3
Related
cvelist
cvelist
CVE-2009-4375
2022-10-03 16:24:03
prion
prion
Sql injection
2009-12-21 16:30:00
nvd
nvd
CVE-2009-4375
2009-12-21 16:30:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.4 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
61.1%
Related for CVE-2009-4375