CVE-2014-5383

Опубликовано: 21 авг. 2014

Источник: nvd

CVSS2: 6.5

EPSS Средний

Описание

SQL injection vulnerability in AlienVault OSSIM before 4.7.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Ссылки

http://forums.alienvault.com/discussion/2690
Vendor Advisory
http://www.securityfocus.com/bid/67312
Exploit
http://forums.alienvault.com/discussion/2690
Vendor Advisory
http://www.securityfocus.com/bid/67312
Exploit

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:alienvault:open_source_security_information_management:*:*:*:*:*:*:*:*

Версия до 4.6.1 (включая)

cpe:2.3:a:alienvault:open_source_security_information_management:1.0.4:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:1.0.6:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:2.1:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:2.1.2:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:2.1.5:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:2.1.5-1:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:2.1.5-2:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:2.1.5-3:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:3.1:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:3.1.9:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:3.1.10:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:3.1.12:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:4.0:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:4.0.3:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:4.0.4:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:4.1:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:4.1.2:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:4.1.3:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:4.2:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:4.2.2:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:4.2.3:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:4.3:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:4.3.1:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:4.3.2:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:4.3.3:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:4.4:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:4.5:*:*:*:*:*:*:*

cpe:2.3:a:alienvault:open_source_security_information_management:4.6:*:*:*:*:*:*:*

EPSS

Процентиль: 96%

0.23456

Средний

6.5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-wfh6-gvgq-pjxg

github

больше 3 лет назад