Arbitrary SQL Query and File Retrieval Vulnerability in AlienVault OSSIM and USM

Arbitrary SQL Query and File Retrieval Vulnerability in AlienVault OSSIM and USM

CVE-2016-8582 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

A vulnerability exists in gauge.php of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to execute an arbitrary SQL query and retrieve database information or read local system files via MySQL's LOAD_FILE.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.