Product
alienvault unified security management
12 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2018-7279
CVE-2017-14956
CVE-2017-6972
CVE-2017-6971
CVE-2017-6970
CVE-2016-7955
CVE-2016-8583
CVE-2016-8582
CVE-2016-8581
CVE-2016-8580
CVE-2016-6913
CVE-2015-3446
< 5.5.1
A remote code execution issue was discovered in AlienVault USM and OSSIM before 5.5.1.
<= 5.4.2
AlienVault USM v5.4.2 and earlier offers authenticated users the functionality of exporting generated reports via the "/ossim/repo
<= 5.3.6
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfS
<= 5.3.6
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow remote authenticated users to execute arbitrary commands in a p
<= 5.3.6
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow local users to execute arbitrary commands in a privileged conte
<= 5.3
The logcheck function in session.inc in AlienVault OSSIM before 5.3.1, when an action has been created, and USM before 5.3.1 allow
<= 5.3.1
Multiple GET parameters in the vulnerability scan scheduler of AlienVault OSSIM and USM before 5.3.2 are vulnerable to reflected X
<= 5.3.1
A vulnerability exists in gauge.php of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to execute an arbitrary SQL q
<= 5.3.1
A persistent XSS vulnerability exists in the User-Agent header of the login process of AlienVault OSSIM and USM before 5.3.2 that
<= 5.3.1
PHP object injection vulnerabilities exist in multiple widget files in AlienVault OSSIM and USM before 5.3.2. These vulnerabilitie
<= 5.2
Cross-site scripting (XSS) vulnerability in AlienVault OSSIM before 5.3 and USM before 5.3 allows remote attackers to inject arbit
<= 4.14
The Framework Daemon in AlienVault Unified Security Management before 4.15 allows remote attackers to execute arbitrary Python cod