CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-3446

The Framework Daemon in AlienVault Unified Security Management before 4.15 allows remote attackers to execute arbitrary Python code via a crafted plugin configuration file (.cfg).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.015

EPSS Ranking 80.1%

CVSS Severity

CVSS v2 Score 9.3

References

http://www.securityfocus.com/bid/74403
http://www.zerodayinitiative.com/advisories/ZDI-15-161/
https://www.alienvault.com/forums/discussion/4415/
http://www.securityfocus.com/bid/74403
http://www.zerodayinitiative.com/advisories/ZDI-15-161/
https://www.alienvault.com/forums/discussion/4415/

Products affected by CVE-2015-3446

Alienvault » Unified Security Management » Version: 4.14

cpe:2.3:a:alienvault:unified_security_management:4.14

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-3446

Products

Pricing

Contact Us