CVE-2014-5383
Published: 2014-08-21
CVE-2014-5383: SQL injection vulnerability in AlienVault OSSIM before 4.7.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Priority: P3 · 53 · medium · 6.5 CVSS 2.0
CVSS vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
EXPLOIT
EPSS: 21.19% (97.3th percentile)
Affected
29 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| alienvault | open_source_security_information_management | <= 4.6.1 | — |
| alienvault | open_source_security_information_management | — | — |
No detection rules found.
Exploit-DB
Alienvault Open Source SIEM (OSSIM) 4.6.1 - (Authenticated) SQL Injection (Metasploit)
exploitdb·2014-05-12
---
Exploit Title: AlienVault newpolicyform.php SQLi
Date: 5/9/2014
Exploit Author: chrisdhebert[at]gmail.com
Vendor Homepage: http://www.alienvault.com/
Software Link: http://www.alienvault.com/free-downloads-services
Version: 4.6.1 and below
Tested on: Linux
CVE : n/a
Vendor Security Advisory : AV-11394 http://forums.alienvault.com/discussion/2690/security-advisories-v4-6-1-and-lower
Timeline:
4/14/2014 (Vulnerability Discovered)
4/17/2014 (Vendor Informed with receipt)
5/5/2014 (Vendor Patch Released v4.7.0)
5/9/2014 (Public Release)
Vendor Description:
OSSIM is the most widely used SIEM offering, thanks in no small part to the open source
community that has promoted its use. OSSIM provides all of
Metasploit
AlienVault Authenticated SQL Injection Arbitrary File Read
metasploit
AlienVault 4.6.1 and below is susceptible to an authenticated SQL injection attack against newpolicyform.php, using the 'insertinto' parameter. This module exploits the vulnerability to read an arbitrary file from the file system. Any authenticated user is able to exploit this, as administrator privileges are not required.
No writeups or analysis indexed.
Published: 2014-08-21