CVE-2017-14956 — MEDIUM (5.7)

Q: How severe is CVE-2017-14956?

CVE-2017-14956 has been rated MEDIUM with a CVSS base score of 5.7/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2017-14956?

Check the references section above for vendor advisories and patch information. Affected products include: Alienvault Unified Security Management.

Vulnerability Description

AlienVault USM v5.4.2 and earlier offers authenticated users the functionality of exporting generated reports via the "/ossim/report/wizard_email.php" script. Besides offering an export via a local download, the script also offers the possibility to send out any report via email to a given address (either in PDF or XLS format). Since there is no anti-CSRF token protecting this functionality, it is vulnerable to Cross-Site Request Forgery attacks.

CVSS Score

5.7

MEDIUM

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Alienvault	Unified Security Management	<= 5.4.2

Related Weaknesses (CWE)

CWE-352

References

http://packetstormsecurity.com/files/144617/AlienVault-USM-5.4.2-Cross-Site-RequExploitThird Party AdvisoryVDB Entry
http://seclists.org/fulldisclosure/2017/Oct/32ExploitMailing ListThird Party Advisory
http://www.securityfocus.com/archive/1/541342/100/0/threadedThird Party AdvisoryVDB Entry
http://www.securityfocus.com/bid/101284Third Party AdvisoryVDB Entry
https://www.exploit-db.com/exploits/42988/ExploitThird Party AdvisoryVDB Entry
https://www.rcesecurity.com/2017/10/cve-2017-14956-alienvault-usm-leaks-sensitivExploitThird Party Advisory
http://packetstormsecurity.com/files/144617/AlienVault-USM-5.4.2-Cross-Site-RequExploitThird Party AdvisoryVDB Entry
http://seclists.org/fulldisclosure/2017/Oct/32ExploitMailing ListThird Party Advisory
http://www.securityfocus.com/archive/1/541342/100/0/threadedThird Party AdvisoryVDB Entry
http://www.securityfocus.com/bid/101284Third Party AdvisoryVDB Entry
https://www.exploit-db.com/exploits/42988/ExploitThird Party AdvisoryVDB Entry
https://www.rcesecurity.com/2017/10/cve-2017-14956-alienvault-usm-leaks-sensitivExploitThird Party Advisory

FAQ

What is CVE-2017-14956?

CVE-2017-14956 is a vulnerability with a CVSS score of 5.7 (MEDIUM). AlienVault USM v5.4.2 and earlier offers authenticated users the functionality of exporting generated reports via the "/ossim/report/wizard_email.php" script. Besides offering an export via a local do...

How severe is CVE-2017-14956?

CVE-2017-14956 has been rated MEDIUM with a CVSS base score of 5.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-14956?

Check the references section above for vendor advisories and patch information. Affected products include: Alienvault Unified Security Management.