This vulnerability allows remote attackers to obtain sensitive information on vulnerable installations of AlienVault OSSIM. Authentication is not required to exploit this vulnerability. The specific flaw exists within the av-centerd SOAP service. The issue lies within the improper handling of a parameter in get_file requests. An attacker can leverage this vulnerability to read arbitrary files from the underlying OS with root privileges.