3 matches found
CVE-2016-7955
The logcheck function in session.inc in AlienVault OSSIM before 5.3.1, when an action has been created, and USM before 5.3.1 allows remote attackers to bypass authentication and consequently obtain sensitive information, modify the application, or execute arbitrary code as root via an "AV Report...
Alienvault OSSIM / USM 5.3.0 Authentication Bypass
Details ======= Product: Alienvault OSSIM/USM Vulnerability: Authentication Bypass Author: Peter Lapp, lappsec gmail com CVE: CVE-2016-7955 Vulnerable Versions: =5.3.0 Fixed Version: 5.3.1 Vulnerability Details ===================== This vulnerability allows remote attackers to bypass...
AlienVault Unified Security Management Remote Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication requirements on vulnerable installations of AlienVault Unified Security Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the logcheck function in session.inc. By providing a...