Privilege Escalation in AlienVault USM and OSSIM

Privilege Escalation in AlienVault USM and OSSIM

CVE-2017-6972 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971.

Learn more about our Web Application Penetration Testing UK.