PatchSiren cyber security CVE debrief

CVE-2017-5998 Intersect Alliance CVE debrief

CVE-2017-5998 is a cross-site scripting (XSS) vulnerability in InterSect Alliance SNARE Epilog for UNIX version 1.5. According to the CVE record, a remote authenticated user can inject arbitrary web script or HTML through the str_log_name parameter during a Web Admin Portal > Log Configuration > Add action. The issue was published on 2017-02-17 and is rated CVSS 5.4 (Medium). Because the attack requires authentication and user interaction, the primary risk is browser-side compromise of the administrative web session and loss of integrity of portal content.

Vendor: Intersect Alliance
Product: CVE-2017-5998
CVSS: MEDIUM 5.4
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-17
Original CVE updated: 2026-05-13
Advisory published: 2017-02-17
Advisory updated: 2026-05-13

Who should care

Organizations running InterSect Alliance SNARE Epilog for UNIX 1.5, especially teams that administer or expose the Web Admin Portal to multiple authenticated users. Security teams responsible for web application input handling and session protection should also review this issue.

Technical summary

NVD maps this issue to CWE-79 and lists the vulnerable CPE as cpe:2.3:a:intersect_alliance:snare_epilog:1.5.0. The NVD CVSS v3.0 vector is AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N, indicating network reachability (AV:N), low attack complexity (AC:L), low privileges required (PR:L), required user interaction (UI:R), and a scope change (S:C), with low confidentiality and integrity impact and no availability impact. The vulnerable path is the Log Configuration > Add function in the Web Admin Portal, where untrusted input in str_log_name can be reflected or stored in a way that executes in a browser context.

Defensive priority

Medium. The vulnerability is authenticated and requires user interaction, but it can still impact administrative browser sessions and portal integrity.

Recommended defensive actions

  • Confirm whether SNARE Epilog for UNIX 1.5.0 is deployed anywhere in your environment.
  • Restrict access to the Web Admin Portal to trusted administrative users and networks only.
  • Review vendor and official CVE/NVD references for any available fix, update, or mitigation guidance.
  • Treat str_log_name and similar portal fields as untrusted input and ensure proper server-side validation and output encoding.
  • Monitor for unexpected changes in log configuration entries and suspicious admin portal activity.
  • If exposure is confirmed, assess whether browser sessions or admin actions could have been impacted and rotate credentials or invalidate sessions as needed.

Evidence notes

This debrief is based on the CVE description and NVD metadata provided in the source corpus. The CVE text explicitly identifies XSS in SNARE Epilog for UNIX 1.5 via str_log_name in the Web Admin Portal > Log Configuration > Add workflow. NVD supplies the CWE-79 classification, the CVSS v3.0 vector, and the affected CPE. The supplied timeline shows publication on 2017-02-17 and a later metadata modification on 2026-05-13; the publication date is used here as the issue-date context. No KEV listing was provided in the corpus.

Official resources

Publicly disclosed vulnerability record; no KEV designation was provided in the supplied corpus, and no exploit code or weaponized reproduction is included here.