NotCVE - vendor:"Microfocus" product:"Arcsight Enterprise Security Manager"

Page 2 of 9 results (0.002 seconds)

CVSS: 8.0EPSS: 0%CPEs: 5EXPL: 0

CVE-2016-1991

https://notcve.org/view.php?id=CVE-2016-1991

HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to conduct unspecified "file download" attacks via unknown vectors. HPE ArcSight ESM 5.x en versiones anteriores a 5.6, 6.0, 6.5.x en versiones anteriores a 6.5C SP1 Patch 2 y 6.8c en versiones anteriores a P1 y ArcSight ESM Express en versiones anteriores a 6.9.1, permite a usuarios remotos autenticados llevar a cabo ataques de "descarga de archivo" no especificados a través de vectores desconocidos. • http://www.securitytracker.com/id/1035282 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05048452 •

CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0

CVE-2015-6030

https://notcve.org/view.php?id=CVE-2015-6030

HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Appliance 6.4.0.6881.3 use the root account to execute files owned by the arcsight user, which might allow local users to gain privileges by leveraging arcsight account access. HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0 y ArcSight Connector Appliance 6.4.0.6881.3 utilizan la cuenta root para ejecutar archivos pertenecientes al usuario arcsight, lo que podría permitir a usuarios locales obtener privilegios mediante el aprovechamiento del acceso a la cuenta ArcSight. • http://www.kb.cert.org/vuls/id/842252 http://www.securitytracker.com/id/1034072 http://www.securitytracker.com/id/1034073 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04872416 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2014-7885

https://notcve.org/view.php?id=CVE-2014-7885

Multiple unspecified vulnerabilities in HP ArcSight Enterprise Security Manager (ESM) before 6.8c have unknown impact and remote attack vectors. Múltiples vulnerabilidades no especificadas en HP ArcSight Enterprise Security Manager (ESM) anterior a 6.8c tienen un impacto desconocido y vectores de ataques remotos. • http://www.kb.cert.org/vuls/id/868948 http://www.securitytracker.com/id/1031921 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04562193 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2013-4815

https://notcve.org/view.php?id=CVE-2013-4815

Cross-site scripting (XSS) vulnerability in the web interface in HP ArcSight Enterprise Security Manager (ESM) before 5.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad XSS en el interfaz web en HP ArcSight Enterprise Security Manager (ESM) anterior a v5.5 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a través de vectores no especificados. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03901176 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1 2