CVE-2018-6501
https://notcve.org/view.php?id=CVE-2018-6501
Potential security vulnerability of Insufficient Access Controls has been identified in ArcSight Management Center (ArcMC) for versions prior to 2.81. This vulnerability could be exploited to allow for insufficient access controls. Se ha identificado una vulnerabilidad potencial de seguridad de controles de acceso insuficientes en ArcSight Management Center (ArcMC) en versiones anteriores a la 2.81. La vulnerabilidad podría ser explotada para permitir controles de acceso insuficientes. • https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03245142 •
CVE-2018-6500 – MFSBGN03824 rev.1 - ArcSight Management Center, Insufficient Access Control, Reflected Cross Site Scripting, Access Control vulnerability, Cross-Site Request Forgery (CSRF), Unauthenticated File Download, Directory Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2018-6500
A potential Directory Traversal Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be remotely exploited to allow Directory Traversal. Se ha identificado una vulnerabilidad de salto de directorio en ArcSight Management Center (ArcMC) en todas las versiones anteriores a la 2.81. La vulnerabilidad se podría explotar de forma remota para permitir un salto de directorio. • https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03245142 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •