Vulnerabilities > Alienvault > Unified Security Management > 5.4.2

DATE CVE VULNERABILITY TITLE RISK
2018-03-14 CVE-2018-7279 Unspecified vulnerability in Alienvault products
A remote code execution issue was discovered in AlienVault USM and OSSIM before 5.5.1.
network
low complexity
alienvault
critical
9.8
2017-10-18 CVE-2017-14956 Cross-Site Request Forgery (CSRF) vulnerability in Alienvault Unified Security Management
AlienVault USM v5.4.2 and earlier offers authenticated users the functionality of exporting generated reports via the "/ossim/report/wizard_email.php" script.
network
low complexity
alienvault CWE-352
5.7