CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2019-3479
https://notcve.org/view.php?id=CVE-2019-3479
Mitigates a potential remote code execution issue in ArcSight Logger versions prior to 6.7. Mitiga un potencial problema de ejecución remota de código en ArcSight Logger, en versiones anteriores a la 6.7. • https://softwaresupport.softwaregrp.com/doc/KM03355866 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6863
https://notcve.org/view.php?id=CVE-2015-6863
HPE ArcSight Logger before 6.1P1 allows remote attackers to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component. HPE ArcSight Logger en versiones anteriores a 6.1P1 permite a atacantes remotos ejecutar código arbitrario a través de una entrada no especificada al componente de subida (1) Intellicus o (2) client-certificate. • https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04941487 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6864
https://notcve.org/view.php?id=CVE-2015-6864
HPE ArcSight Logger before 6.1P1 allows remote authenticated users to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component. HPE ArcSight Logger en versiones anteriores a 6.1P1 permite a usuarios remotos autenticados ejecutar código arbitrario a través de una entrada no especificada al componente de subida (1) Intellicus o (2) client-certificat. • https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04941487 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 1%CPEs: 2EXPL: 0CVE-2015-5441
https://notcve.org/view.php?id=CVE-2015-5441
Multiple cross-site scripting (XSS) vulnerabilities in HP ArcSight Management Center before 2.1 and ArcSight Logger before 6.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de XSS en HP ArcSight Management Center en versiones anteriores a 2.1 y ArcSight Logger en versiones anteriores a 6.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://jvn.jp/en/jp/JVN51046809/index.html http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-005909.html http://www.securityfocus.com/archive/1/536877/100/0/threaded https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04797406 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-2136
https://notcve.org/view.php?id=CVE-2015-2136
HP ArcSight Logger before 6.0 P2 allows remote authenticated users to bypass the intended authorization policy via unspecified vectors. Vulnerabilidad en HP ArcSight Logger en versiones anteriores a 6.0 P2, permite a usuarios remotos autenticados eludir la política destinada a la autenticación a través de vectores no especificados. • https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04762372 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •