CVE-2017-6970
published 2017-03-22CVE-2017-6970: AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow local users to execute arbitrary commands in a privileged context via an NfSen socket, aka…
PriorityP348high8.4CVSS 3.0
AVLACLPRNUINSUCHIHAH
EXPLOIT
EPSS
1.68%
74.0th percentile
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow local users to execute arbitrary commands in a privileged context via an NfSen socket, aka AlienVault ID ENG-104863.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| alienvault | ossim | <= 5.3.6 | — |
| alienvault | unified_security_management | <= 5.3.6 | — |
| nfsen | nfsen | <= 1.3.7 | — |
CVSS provenance
nvdv3.08.4HIGHCVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-984w-gcj2-gr36: AlienVault USM and OSSIM before 5
ghsa_unreviewed·2022-05-13·CVSS 8.4
CVE-2017-6972 [HIGH] CWE-273 GHSA-984w-gcj2-gr36: AlienVault USM and OSSIM before 5
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971.
GHSA
GHSA-cqp4-63c9-vpm9: AlienVault USM and OSSIM before 5
ghsa_unreviewed·2022-05-13
CVE-2017-6970 [HIGH] CWE-78 GHSA-cqp4-63c9-vpm9: AlienVault USM and OSSIM before 5
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow local users to execute arbitrary commands in a privileged context via an NfSen socket, aka AlienVault ID ENG-104863.
No detection rules found.
No writeups or analysis indexed.
https://sourceforge.net/p/nfsen/news/2017/01/nfsen-138-released---security-fix/https://www.alienvault.com/forums/discussion/8325/https://www.alienvault.com/forums/discussion/8698https://www.exploit-db.com/exploits/42305/https://sourceforge.net/p/nfsen/news/2017/01/nfsen-138-released---security-fix/https://www.alienvault.com/forums/discussion/8325/https://www.alienvault.com/forums/discussion/8698https://www.exploit-db.com/exploits/42305/
2017-03-22
Published