CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2019-11656
https://notcve.org/view.php?id=CVE-2019-11656
Stored XSS vulnerability in Micro Focus ArcSight Logger, affects versions prior to Logger 6.7.1 HotFix 6.7.1.8262.0. This vulnerability could allow Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). Una vulnerabilidad de tipo XSS almacenado en Micro Focus ArcSight Logger afecta las versiones anteriores a Logger versión 6.7.1 HotFix versión 6.7.1.8262.0. Esta vulnerabilidad podría permitir la Neutralización Inapropiada de la Entrada Durante la Generación de Páginas Web ("Cross-site Scripting"). • https://community.microfocus.com/t5/ArcSight-Announcements/ArcSight-Logger-Fix-for-Security-Vulnerability/td-p/2699569 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11655
https://notcve.org/view.php?id=CVE-2019-11655
Unrestricted file upload vulnerability in Micro Focus ArcSight Logger, version 6.7.0 and later. This vulnerability could allow Unrestricted Upload of File with Dangerous type. Vulnerabilidad de carga de archivos sin restricciones en Micro Focus ArcSight Logger, versión 6.7.0 y posteriores. Esta vulnerabilidad podría permitir la Carga Irrestricta de Archivos con tipo Peligroso. • https://community.microfocus.com/t5/ArcSight-Announcements/ArcSight-Logger-Fix-for-Security-Vulnerability/td-p/2699569 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3485 – ArcSight Logger stored cross site script issue in version prior to 6.7.1
https://notcve.org/view.php?id=CVE-2019-3485
Mitigates a stored cross site scripting issue in ArcSight Logger versions prior to 6.7.1 Mitiga un problema de Cross-Site Scripting (XSS) persistente en ArcSight Logger, en versiones anteriores a la 6.7.1. • http://www.securityfocus.com/bid/109363 https://community.microfocus.com/t5/Logger/Logger-Release-Notes-6-71/ta-p/1790256?attachment-id=75011 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3484
https://notcve.org/view.php?id=CVE-2019-3484
Mitigates a remote code execution issue in ArcSight Logger versions prior to 6.7. Mitiga un problema de ejecución remota de código en ArcSight Logger, en versiones anteriores a la 6.7. • https://softwaresupport.softwaregrp.com/doc/KM03355866 •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3483
https://notcve.org/view.php?id=CVE-2019-3483
Mitigates a potential information leakage issue in ArcSight Logger versions prior to 6.7. Mitiga un potencial problema de fuga de información en ArcSight Logger, en versiones anteriores a la 6.7. • https://softwaresupport.softwaregrp.com/doc/KM03355866 •