CVE-2014-4152

Published: Jun 18, 2014Modified: May 6, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to execute arbitrary code via a crafted remote_task request, related to injecting an ssh public key.

Affected (7)

Products: Alienvault: Open Source Security Information Management

Alienvault

1 product

Open Source Security Information Management

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Alienvault Open Source Security Information Management	Up to 4.7.0
Alienvault Open Source Security Information Management	Version 4.0
Alienvault Open Source Security Information Management	Version 4.3.3
Alienvault Open Source Security Information Management	Version 4.4
Alienvault Open Source Security Information Management	Version 4.5
Alienvault Open Source Security Information Management	Version 4.6.1
Alienvault Open Source Security Information Management	Version 4.6