Arbitrary Command Execution Vulnerability in AlienVault OSSIM Asset Discovery Scanner

CVE-2015-4046 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

The asset discovery scanner in AlienVault OSSIM before 5.0.1 allows remote authenticated users to execute arbitrary commands via the assets array parameter to netscan/do_scan.php.

Learn more about our User Device Pen Test.