Lucene search

[email protected]NVD:CVE-2014-5383

HistoryAug 21, 2014 - 2:55 p.m.

CVE-2014-5383

2014-08-2114:55:05

CWE-89

[email protected]

web.nvd.nist.gov

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

7.9

Confidence

Low

EPSS

0.041

Percentile

92.3%

JSON

SQL injection vulnerability in AlienVault OSSIM before 4.7.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Affected configurations

Nvd

Node

alienvaultopen_source_security_information_managementRange≤4.6.1

alienvaultopen_source_security_information_managementMatch1.0.4

alienvaultopen_source_security_information_managementMatch1.0.6

alienvaultopen_source_security_information_managementMatch2.1

alienvaultopen_source_security_information_managementMatch2.1.2

alienvaultopen_source_security_information_managementMatch2.1.5

alienvaultopen_source_security_information_managementMatch2.1.5-1

alienvaultopen_source_security_information_managementMatch2.1.5-2

alienvaultopen_source_security_information_managementMatch2.1.5-3

alienvaultopen_source_security_information_managementMatch3.1

alienvaultopen_source_security_information_managementMatch3.1.9

alienvaultopen_source_security_information_managementMatch3.1.10

alienvaultopen_source_security_information_managementMatch3.1.12

alienvaultopen_source_security_information_managementMatch4.0

alienvaultopen_source_security_information_managementMatch4.0.3

alienvaultopen_source_security_information_managementMatch4.0.4

alienvaultopen_source_security_information_managementMatch4.1

alienvaultopen_source_security_information_managementMatch4.1.2

alienvaultopen_source_security_information_managementMatch4.1.3

alienvaultopen_source_security_information_managementMatch4.2

alienvaultopen_source_security_information_managementMatch4.2.2

alienvaultopen_source_security_information_managementMatch4.2.3

alienvaultopen_source_security_information_managementMatch4.3

alienvaultopen_source_security_information_managementMatch4.3.1

alienvaultopen_source_security_information_managementMatch4.3.2

alienvaultopen_source_security_information_managementMatch4.3.3

alienvaultopen_source_security_information_managementMatch4.4

alienvaultopen_source_security_information_managementMatch4.5

alienvaultopen_source_security_information_managementMatch4.6

VendorProductVersionCPE
alienvaultopen_source_security_information_management*cpe:2.3:a:alienvault:open_source_security_information_management:*:*:*:*:*:*:*:*
alienvaultopen_source_security_information_management1.0.4cpe:2.3:a:alienvault:open_source_security_information_management:1.0.4:*:*:*:*:*:*:*
alienvaultopen_source_security_information_management1.0.6cpe:2.3:a:alienvault:open_source_security_information_management:1.0.6:*:*:*:*:*:*:*
alienvaultopen_source_security_information_management2.1cpe:2.3:a:alienvault:open_source_security_information_management:2.1:*:*:*:*:*:*:*
alienvaultopen_source_security_information_management2.1.2cpe:2.3:a:alienvault:open_source_security_information_management:2.1.2:*:*:*:*:*:*:*
alienvaultopen_source_security_information_management2.1.5cpe:2.3:a:alienvault:open_source_security_information_management:2.1.5:*:*:*:*:*:*:*
alienvaultopen_source_security_information_management2.1.5-1cpe:2.3:a:alienvault:open_source_security_information_management:2.1.5-1:*:*:*:*:*:*:*
alienvaultopen_source_security_information_management2.1.5-2cpe:2.3:a:alienvault:open_source_security_information_management:2.1.5-2:*:*:*:*:*:*:*
alienvaultopen_source_security_information_management2.1.5-3cpe:2.3:a:alienvault:open_source_security_information_management:2.1.5-3:*:*:*:*:*:*:*
alienvaultopen_source_security_information_management3.1cpe:2.3:a:alienvault:open_source_security_information_management:3.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
alienvault	open_source_security_information_management	*	cpe:2.3:a:alienvault:open_source_security_information_management::::::::
alienvault	open_source_security_information_management	1.0.4	cpe:2.3:a:alienvault:open_source_security_information_management:1.0.4:::::::*
alienvault	open_source_security_information_management	1.0.6	cpe:2.3:a:alienvault:open_source_security_information_management:1.0.6:::::::*
alienvault	open_source_security_information_management	2.1	cpe:2.3:a:alienvault:open_source_security_information_management:2.1:::::::*
alienvault	open_source_security_information_management	2.1.2	cpe:2.3:a:alienvault:open_source_security_information_management:2.1.2:::::::*
alienvault	open_source_security_information_management	2.1.5	cpe:2.3:a:alienvault:open_source_security_information_management:2.1.5:::::::*
alienvault	open_source_security_information_management	2.1.5-1	cpe:2.3:a:alienvault:open_source_security_information_management:2.1.5-1:::::::*
alienvault	open_source_security_information_management	2.1.5-2	cpe:2.3:a:alienvault:open_source_security_information_management:2.1.5-2:::::::*
alienvault	open_source_security_information_management	2.1.5-3	cpe:2.3:a:alienvault:open_source_security_information_management:2.1.5-3:::::::*
alienvault	open_source_security_information_management	3.1	cpe:2.3:a:alienvault:open_source_security_information_management:3.1:::::::*