CVE-2016-8582

Name of the Vulnerable Software and Affected Versions AlienVault OSSIM and USM versions prior to 5.3.2

Description A vulnerability exists that allows an attacker to execute an arbitrary SQL query, potentially leading to the retrieval of database information or the reading of local system files via MySQL's LOAD FILE.

Recommendations For versions prior to 5.3.2, update to version 5.3.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the gauge.php file to minimize the risk of exploitation.