CVE-2015-4046

Sažetak

The asset discovery scanner in AlienVault OSSIM before 5.0.1 allows remote authenticated users to execute arbitrary commands via the assets array parameter to netscan/do_scan.php.

Reference

http://www.securityfocus.com/bid/74795
https://sysdream.com/uploads/media/default/0001/01/8c6a70098657b4474fe7abe9bcdd5e73b234b610.pdf
https://www.alienvault.com/forums/discussion/5127/

CVSS

Base:	6.5
Impact:	6.4
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

30-05-2017 - 20:09

Objavljeno

23-05-2017 - 04:29