Page 2 of 20 results (0.004 seconds)

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

Mitigates a directory traversal issue in ArcSight Logger versions prior to 6.7. Mitiga un problema de salto de directorio en ArcSight Logger, en versiones anteriores a la 6.7. • https://softwaresupport.softwaregrp.com/doc/KM03355866 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Mitigates a XML External Entity Parsing issue in ArcSight Logger versions prior to 6.7. Mitiga un problema de análisis de entidades externas XML en ArcSight Logger, en versiones anteriores a la 6.7. • https://softwaresupport.softwaregrp.com/doc/KM03355866 • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

Mitigates a stored/reflected XSS issue in ArcSight Logger versions prior to 6.7. Mitiga un problema de XSS persistente/reflejado en ArcSight Logger, en versiones anteriores a la 6.7. • https://softwaresupport.softwaregrp.com/doc/KM03355866 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0

Mitigates a potential remote code execution issue in ArcSight Logger versions prior to 6.7. Mitiga un potencial problema de ejecución remota de código en ArcSight Logger, en versiones anteriores a la 6.7. • https://softwaresupport.softwaregrp.com/doc/KM03355866 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

HPE ArcSight Logger before 6.1P1 allows remote attackers to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component. HPE ArcSight Logger en versiones anteriores a 6.1P1 permite a atacantes remotos ejecutar código arbitrario a través de una entrada no especificada al componente de subida (1) Intellicus o (2) client-certificate. • https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04941487 • CWE-20: Improper Input Validation •