BASE.Base.QRY.Common.Remote.File.Inclusion
Description
It indicates a possible attack against a File Inclusion vulnerability in Basic Analysis and Security Engine (BASE).
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application when handling include files in the URI. It allows a remote attacker to execute arbitrary code via sending a crafted web request.
Affected Products
Basic Analysis and Security Engine (BASE) versions before 2.10.8
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Update to BASE Basic Analysis and Security Engine 1.2.5
http://sourceforge.net/projects/secureideas/files/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |