CVE-2016-7955

The logcheck function in session.inc in AlienVault OSSIM before 5.3.1, when an action has been created, and USM before 5.3.1 allows remote attackers to bypass authentication and consequently obtain sensitive information, modify the application, or execute arbitrary code as root via an "AV Report...

CVE-2016-7955

CVE-2016-7955 affects AlienVault OSSIM/USM prior to 5.3.1. The vulnerability resides in the logcheck function (session.inc); by crafting a specific value in the AV Report Scheduler HTTP User-Agent header, an unauthenticated remote attacker can bypass authentication and, as a result, obtain sensit...

Alienvault OSSIM / USM 5.3.0 Authentication Bypass

Details ======= Product: Alienvault OSSIM/USM Vulnerability: Authentication Bypass Author: Peter Lapp, lappsec gmail com CVE: CVE-2016-7955 Vulnerable Versions: =5.3.0 Fixed Version: 5.3.1 Vulnerability Details ===================== This vulnerability allows remote attackers to bypass...

Alienvault OSSIM/USM 5.3.0 Authentication Bypass Exploit

Exploit for php platform in category web applications Details ======= Product: Alienvault OSSIM/USM Vulnerability: Authentication Bypass Author: Peter Lapp, lappsec gmail com CVE: CVE-2016-7955 Vulnerable Versions: =5.3.0 Fixed Version: 5.3.1 Vulnerability Details ===================== This...