Lucene search

K
AlienvaultOpen Source Security Information Management4.2.3

7 matches found

CVE
CVE
added 2014/08/21 2:55 p.m.65 views

CVE-2014-5210

The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (1) remote_task or (2) get_license request, a different vulnerability than CVE-2014-3804 and CVE-2014-3805.

10CVSS7.3AI score0.80424EPSS
CVE
CVE
added 2014/06/13 2:55 p.m.47 views

CVE-2014-3805

The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (1) get_license, (2) get_log_line, or (3) update_system/upgrade_pro_web request, a different vulnerability than CVE-2014-3804.

10CVSS7.3AI score0.80424EPSS
CVE
CVE
added 2014/06/13 2:55 p.m.45 views

CVE-2014-3804

The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (1) update_system_info_debian_package, (2) ossec_task, (3) set_ossim_setup admin_ip, (4) sync_rserver, or (5) set_ossim_setup framework_ip request, a different vulnerabil...

10CVSS7.3AI score0.80424EPSS
CVE
CVE
added 2013/10/09 2:54 p.m.42 views

CVE-2013-5967

Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.3 and earlier allow remote attackers to execute arbitrary SQL commands via the date_from parameter to (1) radar-iso27001-potential.php, (2) radar-iso27001-A12IS_acquisition-pot.php, (3) radar-...

7.5CVSS8.8AI score0.00304EPSS
CVE
CVE
added 2014/08/21 2:55 p.m.33 views

CVE-2014-5383

SQL injection vulnerability in AlienVault OSSIM before 4.7.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

6.5CVSS8.2AI score0.24661EPSS
CVE
CVE
added 2014/08/21 2:55 p.m.29 views

CVE-2014-5158

The (1) av-centerd SOAP service and (2) backup command in the ossim-framework service in AlienVault OSSIM before 4.6.0 allows remote attackers to execute arbitrary commands via unspecified vectors.

10CVSS7.9AI score0.05486EPSS
CVE
CVE
added 2014/08/21 2:55 p.m.24 views

CVE-2014-5159

SQL injection vulnerability in the ossim-framework service in AlienVault OSSIM before 4.6.0 allows remote attackers to execute arbitrary SQL commands via the ws_data parameter.

7.5CVSS8.7AI score0.00366EPSS