OSSIM.Uniqueid.Parameter.Remote.Command.Execution
Description
This indicates an attack attempt against a remote Command Execution vulnerability in Open Source Security Information Management (OSSIM).
The vulnerability is caused by improper sanitization of the 'uniqueid' parameter. Remote attackers could exploit it to execute arbitrary commands via a shell metacharacter.
Affected Products
Open Source Security Information Management (ossim) 2.1.5
Impact
System Compromise: Arbitrary command execution.
Recommended Actions
Currently we are not aware of any vendor supplied patch for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2021-01-11 | 16.995 |