CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24469
https://notcve.org/view.php?id=CVE-2023-24469
13 Jun 2023 — Potential Cross-Site Scripting in ArcSight Logger versions prior to 7.3.0 • https://portal.microfocus.com/s/article/KM000018224?language=en_US%2C • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24470
https://notcve.org/view.php?id=CVE-2023-24470
13 Jun 2023 — Potential XML External Entity Injection in ArcSight Logger versions prior to 7.3.0. • https://portal.microfocus.com/s/article/KM000018224?language=en_US • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26331 – Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Self Cross-Site Scripting (XSS).
https://notcve.org/view.php?id=CVE-2022-26331
31 Aug 2022 — Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions. Se han identificado posibles vulnerabilidades en Micro Focus ArcSight Logger. Las vulnerabilidades podrían ser explotadas de forma remota dando lugar a una Divulgación de Información, o ataques de tipo Cross-Sit... • https://portal.microfocus.com/s/article/KM000010167?language=en_US • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26330 – Potential vulnerability has been identified in Micro Focus ArcSight Logger. The vulnerability could be remotely exploited resulting in Information Disclosure.
https://notcve.org/view.php?id=CVE-2022-26330
31 Aug 2022 — Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions. Se han identificado posibles vulnerabilidades en Micro Focus ArcSight Logger. Las vulnerabilidades podrían explotarse de forma remota, resultando en una Divulgación de Información o ataques de tipo Cross-Site Sc... • https://portal.microfocus.com/s/article/KM000010167?language=en_US •
CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 1CVE-2020-11851
https://notcve.org/view.php?id=CVE-2020-11851
17 Nov 2020 — Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in the execution of arbitrary code. Una vulnerabilidad de ejecución de código arbitraria en el producto Micro Focus ArcSight Logger, afectando a todas las versiones anteriores a 7.1.1. La vulnerabilidad podría ser explotada remotamente resultando en una ejecución de código arbitraria • https://github.com/ch1nghz/CVE-2020-11851 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-11860
https://notcve.org/view.php?id=CVE-2020-11860
17 Nov 2020 — Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS) Una vulnerabilidad de tipo Cross-Site Scripting en el producto Micro Focus ArcSight Logger, que afecta a todas las versiones anteriores a 7.1.1. La vulnerabilidad podría ser explotada remotamente resultando en una vulnerabilidad de tipo Cross-Site Scripting (XSS) • https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2020-25834
https://notcve.org/view.php?id=CVE-2020-25834
17 Nov 2020 — Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting version 7.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS). Una vulnerabilidad de tipo Cross-Site Scripting en el producto Micro Focus ArcSight Logger, afectando a versión 7.1. La vulnerabilidad podría ser explotada remotamente resultando en una vulnerabilidad de tipo Cross-Site Scripting (XSS) • https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-11839
https://notcve.org/view.php?id=CVE-2020-11839
12 Jun 2020 — Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Logger product, affecting all version from 6.6.1 up to version 7.0.1. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure. Vulnerabilidad de tipo Cross Site Scripting (XSS) en el producto Micro Focus ArcSight Logger, afectando a todas las versiones desde 6.6.1 hasta la versión 7.0.1. Las vulnerabilidades podrían ser explotadas remotamente, resultando en un ataque de tipo Cross-Site ... • https://softwaresupport.softwaregrp.com/doc/KM03650887 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11657
https://notcve.org/view.php?id=CVE-2019-11657
17 Dec 2019 — Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product versions below version 7.0. The vulnerability could be exploited to perform CSRF attack. Vulnerabilidad de tipo Cross-Site Request Forgery en todo Micro Focus ArcSight Logger afectando a todas las versiones del producto por debajo de la versión 7.0. La vulnerabilidad podría ser explotada para lleva a cabo un ataque de tipo CSRF. • https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-0/ta-p/2750305?attachment-id=76910 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.8EPSS: 1%CPEs: 8EXPL: 0CVE-2015-6030 – HP Security Bulletin HPSBGN03430 3
https://notcve.org/view.php?id=CVE-2015-6030
04 Nov 2015 — HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Appliance 6.4.0.6881.3 use the root account to execute files owned by the arcsight user, which might allow local users to gain privileges by leveraging arcsight account access. HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0 y ArcSight Connector Appliance 6.4.0.6881.3 utilizan la cuenta root para ejecutar archivos pertenecientes al usuario arcsight, lo que podría permitir a usuarios locales ob... • http://www.kb.cert.org/vuls/id/842252 • CWE-264: Permissions, Privileges, and Access Controls •