CyberSec.Space Logo
Back to CVE Browser

CVE-2014-5210

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0900%
EPSS Percentile37.03th
PublishedAug 21, 2014
Last ModifiedMay 6, 2026

Vulnerability Description

The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (1) remote_task or (2) get_license request, a different vulnerability than CVE-2014-3804 and CVE-2014-3805.

Affected Platforms (CPE)

πŸ“¦
Alienvault

Open Source Security Information Management

<= 4.6.1
πŸ“¦
Alienvault

Open Source Security Information Management

= 1.0.4
πŸ“¦
Alienvault

Open Source Security Information Management

= 1.0.6
πŸ“¦
Alienvault

Open Source Security Information Management

= 2.1
πŸ“¦
Alienvault

Open Source Security Information Management

= 2.1.2
πŸ“¦
Alienvault

Open Source Security Information Management

= 2.1.5
πŸ“¦
Alienvault

Open Source Security Information Management

= 2.1.5-1
πŸ“¦
Alienvault

Open Source Security Information Management

= 2.1.5-2
πŸ“¦
Alienvault

Open Source Security Information Management

= 2.1.5-3
πŸ“¦
Alienvault

Open Source Security Information Management

= 3.1
πŸ“¦
Alienvault

Open Source Security Information Management

= 3.1.9
πŸ“¦
Alienvault

Open Source Security Information Management

= 3.1.10
πŸ“¦
Alienvault

Open Source Security Information Management

= 3.1.12
πŸ“¦
Alienvault

Open Source Security Information Management

= 4.0
πŸ“¦
Alienvault

Open Source Security Information Management

= 4.0.3
πŸ“¦
Alienvault

Open Source Security Information Management

= 4.0.4
πŸ“¦
Alienvault

Open Source Security Information Management

= 4.1
πŸ“¦
Alienvault

Open Source Security Information Management

= 4.1.2
πŸ“¦
Alienvault

Open Source Security Information Management

= 4.1.3
πŸ“¦
Alienvault

Open Source Security Information Management

= 4.2
πŸ“¦
Alienvault

Open Source Security Information Management

= 4.2.2
πŸ“¦
Alienvault

Open Source Security Information Management

= 4.2.3
πŸ“¦
Alienvault

Open Source Security Information Management

= 4.3
πŸ“¦
Alienvault

Open Source Security Information Management

= 4.3.1
πŸ“¦
Alienvault

Open Source Security Information Management

= 4.3.2
πŸ“¦
Alienvault

Open Source Security Information Management

= 4.3.3
πŸ“¦
Alienvault

Open Source Security Information Management

= 4.4
πŸ“¦
Alienvault

Open Source Security Information Management

= 4.5
πŸ“¦
Alienvault

Open Source Security Information Management

= 4.6

References & Advisories

πŸ”— http://forums.alienvault.com/discussion/2690
πŸ”— http://www.securityfocus.com/bid/69239
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-14-294/
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-14-295/
πŸ”— http://forums.alienvault.com/discussion/2690
πŸ”— http://www.securityfocus.com/bid/69239
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-14-294/
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-14-295/

Related Vulnerabilities

CVE-2009-43737.5

Unrestricted file upload vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Mana...

CVE-2009-43747.5

Directory traversal vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Managemen...

CVE-2009-43727.5

AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote at...

CVE-2009-43757.5

SQL injection vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSS...