Vulnerability Description
The logcheck function in session.inc in AlienVault OSSIM before 5.3.1, when an action has been created, and USM before 5.3.1 allows remote attackers to bypass authentication and consequently obtain sensitive information, modify the application, or execute arbitrary code as root via an "AV Report Scheduler" HTTP User-Agent header.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alienvault | Ossim | <= 5.3 |
| Alienvault | Unified Security Management | <= 5.3 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/archive/1/540224/100/0/threaded
- http://www.zerodayinitiative.com/advisories/ZDI-16-517/Third Party AdvisoryVDB Entry
- https://www.alienvault.com/forums/discussion/7765/alienvault-v5-3-1-hotfixVendor Advisory
- http://www.securityfocus.com/archive/1/540224/100/0/threaded
- http://www.zerodayinitiative.com/advisories/ZDI-16-517/Third Party AdvisoryVDB Entry
- https://www.alienvault.com/forums/discussion/7765/alienvault-v5-3-1-hotfixVendor Advisory
FAQ
What is CVE-2016-7955?
CVE-2016-7955 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The logcheck function in session.inc in AlienVault OSSIM before 5.3.1, when an action has been created, and USM before 5.3.1 allows remote attackers to bypass authentication and consequently obtain se...
How severe is CVE-2016-7955?
CVE-2016-7955 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2016-7955?
Check the references section above for vendor advisories and patch information. Affected products include: Alienvault Ossim, Alienvault Unified Security Management.