NotCVE - vendor:"Hp" product:"Arcsight Management Center" version:"

Page 3 of 14 results (0.004 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-6505 – MFSBGN03824 rev.1 - ArcSight Management Center, Insufficient Access Control, Reflected Cross Site Scripting, Access Control vulnerability, Cross-Site Request Forgery (CSRF), Unauthenticated File Download, Directory Traversal Vulnerability

https://notcve.org/view.php?id=CVE-2018-6505

A potential Unauthenticated File Download vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for Unauthenticated File Downloads. Se ha identificado una vulnerabilidad potencial de descarga de archivos en ArcSight Management Center (ArcMC) en todas las versiones anteriores a la 2.81. La vulnerabilidad podría ser explotada para permitir descargas no de archivos sin autenticación. • https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03245142 •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-6501

https://notcve.org/view.php?id=CVE-2018-6501

Potential security vulnerability of Insufficient Access Controls has been identified in ArcSight Management Center (ArcMC) for versions prior to 2.81. This vulnerability could be exploited to allow for insufficient access controls. Se ha identificado una vulnerabilidad potencial de seguridad de controles de acceso insuficientes en ArcSight Management Center (ArcMC) en versiones anteriores a la 2.81. La vulnerabilidad podría ser explotada para permitir controles de acceso insuficientes. • https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03245142 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-6500 – MFSBGN03824 rev.1 - ArcSight Management Center, Insufficient Access Control, Reflected Cross Site Scripting, Access Control vulnerability, Cross-Site Request Forgery (CSRF), Unauthenticated File Download, Directory Traversal Vulnerability

https://notcve.org/view.php?id=CVE-2018-6500

A potential Directory Traversal Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be remotely exploited to allow Directory Traversal. Se ha identificado una vulnerabilidad de salto de directorio en ArcSight Management Center (ArcMC) en todas las versiones anteriores a la 2.81. La vulnerabilidad se podría explotar de forma remota para permitir un salto de directorio. • https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03245142 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0

CVE-2015-6030

https://notcve.org/view.php?id=CVE-2015-6030

HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Appliance 6.4.0.6881.3 use the root account to execute files owned by the arcsight user, which might allow local users to gain privileges by leveraging arcsight account access. HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0 y ArcSight Connector Appliance 6.4.0.6881.3 utilizan la cuenta root para ejecutar archivos pertenecientes al usuario arcsight, lo que podría permitir a usuarios locales obtener privilegios mediante el aprovechamiento del acceso a la cuenta ArcSight. • http://www.kb.cert.org/vuls/id/842252 http://www.securitytracker.com/id/1034072 http://www.securitytracker.com/id/1034073 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04872416 • CWE-264: Permissions, Privileges, and Access Controls •

1 2 3