CVE-2017-6972
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2017-6972
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
AlienVault USM、OSSIM和NfSen 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
AlienVault USM和OSSIM都是美国AlienVault公司的产品。USM是一套提供了安全监控、安全事件管理和报告、威胁感知系统等功能的安全管理平台。OSSIM是一套开源的安全信息管理系统。NfSen是一个nfdump(一款开源的netflow收集、存储、过滤、统计分析工具)的基于Web的前端。 AlienVault USM和OSSIM 5.3.7之前的版本和NfSen 1.3.8之前的版本中存在安全漏洞。目前尚无此漏洞的相关信息,请随时关注CNNVD或厂商公告。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2017-6972
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2017-6972
Please Login to view more intelligence information
- https://www.alienvault.com/forums/discussion/8698x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2017-6972
Same Patch Batch · n/a · 2017-03-22 · 29 CVEs total
| CVE-2017-7226 | GNU Binutils 缓冲区错误漏洞 | |
| CVE-2017-7222 | MantisBT 跨站脚本漏洞 | |
| CVE-2017-5874 | D-Link DIR-600M Rev. Cx 跨站请求伪造漏洞 | |
| CVE-2017-6971 | AlienVault USM、OSSIM和NfSen 安全漏洞 | |
| CVE-2017-6970 | AlienVault USM、OSSIM和NfSen 安全漏洞 | |
| CVE-2014-9840 | ImageMagick 安全漏洞 | |
| CVE-2014-9839 | ImageMagick 安全漏洞 | |
| CVE-2014-9838 | ImageMagick 安全漏洞 | |
| CVE-2014-9836 | ImageMagick 安全漏洞 | |
| CVE-2014-9835 | ImageMagick 缓冲区错误漏洞 | |
| CVE-2014-9834 | ImageMagick 缓冲区错误漏洞 | |
| CVE-2014-9833 | ImageMagick 缓冲区错误漏洞 | |
| CVE-2014-9832 | ImageMagick 缓冲区错误漏洞 | |
| CVE-2017-7227 | GNU Binutils 缓冲区错误漏洞 | |
| CVE-2017-3851 | Cisco IOx Cisco Application-hosting Framework 路径遍历漏洞 | |
| CVE-2017-7225 | GNU Binutils 安全漏洞 | |
| CVE-2017-7224 | GNU Binutils 安全漏洞 | |
| CVE-2017-7223 | GNU Binutils 安全漏洞 | |
| CVE-2017-5673 | Joomla! Kunena组件跨站脚本漏洞 | |
| CVE-2017-7231 | pngdefry 缓冲区错误漏洞 |
Showing top 20 of 29 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-6667
PgBouncer missing authorization check in KILL_CLIENT admin c - CVE-2026-6666
PgBouncer crash in kill_pool_logins_server_error - CVE-2026-6665
PgBouncer buffer overflow in SCRAM - CVE-2026-6664
PgBouncer integer overflow in PgBouncer network packet parsi - CVE-2026-8127
eladmin Users API Endpoint UserController.java checkLevel ac
V. Comments for CVE-2017-6972
No comments yet