CVE-2016-7955

Published: Mar 15, 2017Modified: May 13, 2026

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

The logcheck function in session.inc in AlienVault OSSIM before 5.3.1, when an action has been created, and USM before 5.3.1 allows remote attackers to bypass authentication and consequently obtain sensitive information, modify the application, or execute arbitrary code as root via an "AV Report Scheduler" HTTP User-Agent header.

Affected (2)

Products: Alienvault: Ossim, Unified Security Management

2 products

Unified Security Management

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Alienvault Ossim	Up to 5.3
Alienvault Unified Security Management	Up to 5.3

Related CWEs

References (6)

http://www.securityfocus.com/archive/1/540224/100/0/threaded

Source: cve@mitre.org

http://www.zerodayinitiative.com/advisories/ZDI-16-517/

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://www.alienvault.com/forums/discussion/7765/alienvault-v5-3-1-hotfix

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/archive/1/540224/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.zerodayinitiative.com/advisories/ZDI-16-517/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://www.alienvault.com/forums/discussion/7765/alienvault-v5-3-1-hotfix

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.