AlienVault.USM.OSSIM.GetDirectiveK.DirectiveId.SQL.Injection
Description
This indicates an attack attempt to exploit an SQL Injection Vulnerability in AlienVault Unified Security Management and Open Source SIEM.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker could exploit this to execute arbitrary command as root, via a crafted request.
Affected Products
AlienVault OSSIM prior to 5.2.4
AlienVault Unified Security Management prior to 5.2.4
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the latest update from the vendor.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |