PT-2017-9432 · Alienvault · Usm+1
Lappsec +1 · Published 2017-03-15 · Updated 2018-10-09 · CVE-2016-7955
CVSS v3.1: 9.8 (Critical)
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
AlienVault OSSIM versions prior to 5.3.1
USM versions prior to 5.3.1
Description
The issue allows remote attackers to bypass authentication, potentially obtaining sensitive information, modifying the application, or executing arbitrary code as root. This is achieved via a specific "AV Report Scheduler" HTTP User-Agent header.
Recommendations
For AlienVault OSSIM versions prior to 5.3.1, update to version 5.3.1 or later to resolve the issue.
For USM versions prior to 5.3.1, update to version 5.3.1 or later to resolve the issue.
As a temporary workaround, consider restricting access to the logcheck function in session.inc until a patch is available.
Fix
Weakness Enumeration
Related identifiers
Affected products
Alienvault Ossim
Usm