CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3484
https://notcve.org/view.php?id=CVE-2019-3484
25 Mar 2019 — Mitigates a remote code execution issue in ArcSight Logger versions prior to 6.7. Mitiga un problema de ejecución remota de código en ArcSight Logger, en versiones anteriores a la 6.7. • https://softwaresupport.softwaregrp.com/doc/KM03355866 •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3483
https://notcve.org/view.php?id=CVE-2019-3483
25 Mar 2019 — Mitigates a potential information leakage issue in ArcSight Logger versions prior to 6.7. Mitiga un potencial problema de fuga de información en ArcSight Logger, en versiones anteriores a la 6.7. • https://softwaresupport.softwaregrp.com/doc/KM03355866 •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3482
https://notcve.org/view.php?id=CVE-2019-3482
25 Mar 2019 — Mitigates a directory traversal issue in ArcSight Logger versions prior to 6.7. Mitiga un problema de salto de directorio en ArcSight Logger, en versiones anteriores a la 6.7. • https://softwaresupport.softwaregrp.com/doc/KM03355866 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3481
https://notcve.org/view.php?id=CVE-2019-3481
25 Mar 2019 — Mitigates a XML External Entity Parsing issue in ArcSight Logger versions prior to 6.7. Mitiga un problema de análisis de entidades externas XML en ArcSight Logger, en versiones anteriores a la 6.7. • https://softwaresupport.softwaregrp.com/doc/KM03355866 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3480
https://notcve.org/view.php?id=CVE-2019-3480
25 Mar 2019 — Mitigates a stored/reflected XSS issue in ArcSight Logger versions prior to 6.7. Mitiga un problema de XSS persistente/reflejado en ArcSight Logger, en versiones anteriores a la 6.7. • https://softwaresupport.softwaregrp.com/doc/KM03355866 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 0CVE-2019-3479
https://notcve.org/view.php?id=CVE-2019-3479
25 Mar 2019 — Mitigates a potential remote code execution issue in ArcSight Logger versions prior to 6.7. Mitiga un potencial problema de ejecución remota de código en ArcSight Logger, en versiones anteriores a la 6.7. • https://softwaresupport.softwaregrp.com/doc/KM03355866 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6863 – HP Security Bulletin HPSBGN03532 1
https://notcve.org/view.php?id=CVE-2015-6863
13 Jan 2016 — HPE ArcSight Logger before 6.1P1 allows remote attackers to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component. HPE ArcSight Logger en versiones anteriores a 6.1P1 permite a atacantes remotos ejecutar código arbitrario a través de una entrada no especificada al componente de subida (1) Intellicus o (2) client-certificate. Potential security vulnerabilities have been identified in Intellicus and the client certificate upload components of HPE ArcSigh... • https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04941487 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6864 – HP Security Bulletin HPSBGN03532 1
https://notcve.org/view.php?id=CVE-2015-6864
13 Jan 2016 — HPE ArcSight Logger before 6.1P1 allows remote authenticated users to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component. HPE ArcSight Logger en versiones anteriores a 6.1P1 permite a usuarios remotos autenticados ejecutar código arbitrario a través de una entrada no especificada al componente de subida (1) Intellicus o (2) client-certificat. Potential security vulnerabilities have been identified in Intellicus and the client certificate upload comp... • https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04941487 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2015-6030 – HP Security Bulletin HPSBGN03430 3
https://notcve.org/view.php?id=CVE-2015-6030
04 Nov 2015 — HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Appliance 6.4.0.6881.3 use the root account to execute files owned by the arcsight user, which might allow local users to gain privileges by leveraging arcsight account access. HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0 y ArcSight Connector Appliance 6.4.0.6881.3 utilizan la cuenta root para ejecutar archivos pertenecientes al usuario arcsight, lo que podría permitir a usuarios locales ob... • http://www.kb.cert.org/vuls/id/842252 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6029 – HP Security Bulletin HPSBGN03429 2
https://notcve.org/view.php?id=CVE-2015-6029
25 Oct 2015 — HP ArcSight Logger before 6.0 P2 does not limit attempts to authenticate to the SOAP interface, which makes it easier for remote attackers to obtain access via a brute-force approach. HP ArcSight Logger en versiones anteriores a 6.0 P2 no limita los intentos para autenticar a la interfaz SOAP, lo que hace mas fácil para atacantes remotos obtener acceso a través de una aproximación de fuerza bruta. A potential security vulnerability has been identified with HP ArcSight Logger. The vulnerability could be expl... • http://www.kb.cert.org/vuls/id/842252 • CWE-254: 7PK - Security Features •