CVE-2017-6972

CRITICAL

AlienVault USM/OSSIM <5.3.7 & NfSen <1.3.8 - Privilege Escalation

Title source: llm

Description

AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Paul Taylor · textwebappslinux

https://www.exploit-db.com/exploits/42314

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/97016

[Third Party Advisory] https://sourceforge.net/p/nfsen/news/2017/01/nfsen-138-released---security-fix/

[Vendor Advisory] https://www.alienvault.com/forums/discussion/8698

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/42314/

Scores

CVSS v3 9.8

EPSS 0.1906

EPSS Percentile 95.3%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-273

Status published

Products (3)

alienvault/ossim < 5.3.6

alienvault/unified_security_management < 5.3.6

nfsen/nfsen < 1.3.7

Published Mar 22, 2017

Tracked Since Feb 18, 2026