PT-2017-3140
Paul Taylor · Published 2017-03-22 · Updated 2019-10-03 · CVE-2017-6972
CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
AlienVault USM (Unified Security Management) and OSSIM (Open Source Security Information Management) (affected versions not specified)
NfSen (affected versions not specified)
Description
Insufficient access control in the web interface of the affected systems allows a remote attacker to reset privilege settings, potentially leading to privilege escalation and arbitrary code execution.
Recommendations
For AlienVault USM and OSSIM, restrict access to the web interface until a fix is available.
For NfSen, consider disabling remote access to the web interface as a temporary workaround.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Affected Products
Alienvault Usm
Nfsen
Ossim