Vulnerability Details : CVE-2016-8582
Public exploit exists!
A vulnerability exists in gauge.php of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to execute an arbitrary SQL query and retrieve database information or read local system files via MySQL's LOAD_FILE.
Vulnerability category: Sql Injection
Products affected by CVE-2016-8582
- cpe:2.3:a:alienvault:unified_security_management:*:*:*:*:*:*:*:*
- Alienvault » Open Source Security Information And Event ManagementVersions up to, including, (<=) 5.3.1cpe:2.3:a:alienvault:open_source_security_information_and_event_management:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-8582
95.63%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2016-8582
-
AlienVault OSSIM/USM Remote Code Execution
Disclosure Date: 2017-01-31First seen: 2020-04-26exploit/linux/http/alienvault_execThis module exploits object injection, authentication bypass and ip spoofing vulnerabilities all together. Unauthenticated users can execute arbitrary commands under the context of the root user. By abusing authentication bypass issue on gauge.php lead adversaries to exploi
CVSS scores for CVE-2016-8582
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
9.8
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2016-8582
-
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-8582
-
http://www.securityfocus.com/bid/93866
Multiple AlienVault Products 'widgets/data/gauge.php' SQL Injection Vulnerability
-
https://www.exploit-db.com/exploits/40684/
Alienvault OSSIM/USM 5.3.1 - SQL Injection
-
https://www.alienvault.com/forums/discussion/7766/security-advisory-alienvault-5-3-2-address-70-vulnerabilities
Security Advisory - AlienVault 5.3.2 address 70 vulnerabilities | AT&T CybersecurityVendor Advisory
Jump to