CVE-2017-6972 - AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and

CVE-2017-6972

Summary

AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971.

References

Vulnerable Configurations

cpe:2.3:a:alienvault:ossim:*:*:*:*:*:*:*:*
cpe:2.3:a:alienvault:ossim:*:*:*:*:*:*:*:*
cpe:2.3:a:alienvault:unified_security_management:4.14:*:*:*:*:*:*:*
cpe:2.3:a:alienvault:unified_security_management:4.14:*:*:*:*:*:*:*
cpe:2.3:a:nfsen:nfsen:-:*:*:*:*:*:*:*
cpe:2.3:a:nfsen:nfsen:-:*:*:*:*:*:*:*
cpe:2.3:a:nfsen:nfsen:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:nfsen:nfsen:1.2.3:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:

CWE

CWE-273

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	97016
confirm	https://sourceforge.net/p/nfsen/news/2017/01/nfsen-138-released---security-fix/ https://www.alienvault.com/forums/discussion/8698
exploit-db	42314

Last major update

03-10-2019 - 00:03

Published

22-03-2017 - 20:59

Last modified

03-10-2019 - 00:03