CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2014-5210

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0900%
EPSS Percentile37.03th
Published2014年8月21日
Last Modified2026年5月6日

Vulnerability Description

The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (1) remote_task or (2) get_license request, a different vulnerability than CVE-2014-3804 and CVE-2014-3805.

Affected Platforms (CPE)

📦
Alienvault

Open Source Security Information Management

<= 4.6.1
📦
Alienvault

Open Source Security Information Management

= 1.0.4
📦
Alienvault

Open Source Security Information Management

= 1.0.6
📦
Alienvault

Open Source Security Information Management

= 2.1
📦
Alienvault

Open Source Security Information Management

= 2.1.2
📦
Alienvault

Open Source Security Information Management

= 2.1.5
📦
Alienvault

Open Source Security Information Management

= 2.1.5-1
📦
Alienvault

Open Source Security Information Management

= 2.1.5-2
📦
Alienvault

Open Source Security Information Management

= 2.1.5-3
📦
Alienvault

Open Source Security Information Management

= 3.1
📦
Alienvault

Open Source Security Information Management

= 3.1.9
📦
Alienvault

Open Source Security Information Management

= 3.1.10
📦
Alienvault

Open Source Security Information Management

= 3.1.12
📦
Alienvault

Open Source Security Information Management

= 4.0
📦
Alienvault

Open Source Security Information Management

= 4.0.3
📦
Alienvault

Open Source Security Information Management

= 4.0.4
📦
Alienvault

Open Source Security Information Management

= 4.1
📦
Alienvault

Open Source Security Information Management

= 4.1.2
📦
Alienvault

Open Source Security Information Management

= 4.1.3
📦
Alienvault

Open Source Security Information Management

= 4.2
📦
Alienvault

Open Source Security Information Management

= 4.2.2
📦
Alienvault

Open Source Security Information Management

= 4.2.3
📦
Alienvault

Open Source Security Information Management

= 4.3
📦
Alienvault

Open Source Security Information Management

= 4.3.1
📦
Alienvault

Open Source Security Information Management

= 4.3.2
📦
Alienvault

Open Source Security Information Management

= 4.3.3
📦
Alienvault

Open Source Security Information Management

= 4.4
📦
Alienvault

Open Source Security Information Management

= 4.5
📦
Alienvault

Open Source Security Information Management

= 4.6

References & Advisories

🔗 http://forums.alienvault.com/discussion/2690
🔗 http://www.securityfocus.com/bid/69239
🔗 http://www.zerodayinitiative.com/advisories/ZDI-14-294/
🔗 http://www.zerodayinitiative.com/advisories/ZDI-14-295/
🔗 http://forums.alienvault.com/discussion/2690
🔗 http://www.securityfocus.com/bid/69239
🔗 http://www.zerodayinitiative.com/advisories/ZDI-14-294/
🔗 http://www.zerodayinitiative.com/advisories/ZDI-14-295/

相關漏洞威脅

CVE-2009-43737.5

Unrestricted file upload vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Mana...

CVE-2009-43747.5

Directory traversal vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Managemen...

CVE-2009-43727.5

AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote at...

CVE-2009-43757.5

SQL injection vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSS...