CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3486 – ArcSight Security Management Center stored cross site script issue in version prior to 2.9.1
https://notcve.org/view.php?id=CVE-2019-3486
Mitigates a stored cross site scripting issue in ArcSight Security Management Center versions prior to 2.9.1 Mitiga un problema de Cross-Site Scripting (XSS) persistente en ArcSight Security Management Center en versiones anteriores a la 2.9.1. • https://community.microfocus.com/t5/ArcSight-Management-Center-ArcMC/ArcSight-Management-Center-2-91-Release-Notes/ta-p/1790266?attachment-id=74671 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6502 – MFSBGN03824 rev.1 - ArcSight Management Center, Insufficient Access Control, Reflected Cross Site Scripting, Access Control vulnerability, Cross-Site Request Forgery (CSRF), Unauthenticated File Download, Directory Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2018-6502
A potential Reflected Cross-Site Scripting (XSS) Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for Reflected Cross-site Scripting (XSS). Se ha identificado una vulnerabilidad de seguridad potencial de Cross-Site Scripting (XSS) reflejado en ArcSight Management Center (ArcMC) en todas las versiones anteriores a la 2.81. Esta vulnerabilidad podría explotarse para permitir Cross-Site Scripting (XSS) reflejado. • https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03245142 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6503 – MFSBGN03824 rev.1 - ArcSight Management Center, Insufficient Access Control, Reflected Cross Site Scripting, Access Control vulnerability, Cross-Site Request Forgery (CSRF), Unauthenticated File Download, Directory Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2018-6503
A potential Access Control vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for vulnerable Access Controls. Se ha identificado una vulnerabilidad potencial de control de acceso en ArcSight Management Center (ArcMC) en todas las versiones anteriores a la 2.81. La vulnerabilidad podría ser explotada para permitir controles de acceso vulnerables. • https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03245142 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6505 – MFSBGN03824 rev.1 - ArcSight Management Center, Insufficient Access Control, Reflected Cross Site Scripting, Access Control vulnerability, Cross-Site Request Forgery (CSRF), Unauthenticated File Download, Directory Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2018-6505
A potential Unauthenticated File Download vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for Unauthenticated File Downloads. Se ha identificado una vulnerabilidad potencial de descarga de archivos en ArcSight Management Center (ArcMC) en todas las versiones anteriores a la 2.81. La vulnerabilidad podría ser explotada para permitir descargas no de archivos sin autenticación. • https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03245142 •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6501
https://notcve.org/view.php?id=CVE-2018-6501
Potential security vulnerability of Insufficient Access Controls has been identified in ArcSight Management Center (ArcMC) for versions prior to 2.81. This vulnerability could be exploited to allow for insufficient access controls. Se ha identificado una vulnerabilidad potencial de seguridad de controles de acceso insuficientes en ArcSight Management Center (ArcMC) en versiones anteriores a la 2.81. La vulnerabilidad podría ser explotada para permitir controles de acceso insuficientes. • https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03245142 •