Lucene search

K
cve[email protected]CVE-2015-3446
HistoryMay 01, 2015 - 3:59 p.m.

CVE-2015-3446

2015-05-0115:59:08
CWE-94
web.nvd.nist.gov
19
alienvault
usm
remote code execution
cve-2015-3446
nvd
security vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.531 Medium

EPSS

Percentile

97.6%

The Framework Daemon in AlienVault Unified Security Management before 4.15 allows remote attackers to execute arbitrary Python code via a crafted plugin configuration file (.cfg).

Affected configurations

NVD
Node
alienvaultunified_security_managementRange4.14

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.531 Medium

EPSS

Percentile

97.6%

Related for CVE-2015-3446