Lucene search
K

7 matches found

NVD
NVD
added 2014/08/21 2:55 p.m.25 views

CVE-2014-5210

The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted 1 remotetask or 2 getlicense request, a different vulnerability than CVE-2014-3804 and CVE-2014-3805...

10CVSS7.2AI score0.14917EPSS
Exploits2References4
NVD
NVD
added 2014/06/18 7:55 p.m.18 views

CVE-2014-4153

The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to read arbitrary files via a crafted getfile request...

7.8CVSS6.6AI score0.07385EPSS
Exploits2References3
Prion
Prion
added 2014/06/18 7:55 p.m.17 views

Cross site request forgery (csrf)

The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to create arbitrary files and execute arbitrary code via a crafted setfile request...

10CVSS8.1AI score0.07321EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2014/06/18 7:0 p.m.25 views

CVE-2014-4153

The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to read arbitrary files via a crafted getfile request...

6.6AI score0.07385EPSS
Exploits2References3
CVE
CVE
added 2014/06/18 7:0 p.m.41 views

CVE-2014-4151

CVE-2014-4151 affects AlienVault OSSIM prior to 4.8.0. The av-centerd SOAP service is vulnerable to a set_file handling flaw that allows a remote, unauthenticated attacker to write arbitrary files and execute arbitrary code with root privileges. The issue stems from inadequate input sanitization ...

10CVSS7.7AI score0.07321EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2014/06/13 2:55 p.m.19 views

Design/Logic Flaw

The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted 1 updatesysteminfodebianpackage, 2 ossectask, 3 setossimsetup adminip, 4 syncrserver, or 5 setossimsetup frameworkip request, a different vulnerability than CVE-2014-38...

10CVSS7.6AI score0.72376EPSS
Exploits16References7Affected Software1
Cvelist
Cvelist
added 2014/06/13 2:0 p.m.32 views

CVE-2014-3804

The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted 1 updatesysteminfodebianpackage, 2 ossectask, 3 setossimsetup adminip, 4 syncrserver, or 5 setossimsetup frameworkip request, a different vulnerability than CVE-2014-38...

7.2AI score0.72376EPSS
Exploits9References7
Rows per page
Query Builder