CVSS: 8.7EPSS: 0%CPEs: 3EXPL: 0CVE-2024-2835 – OpenText ArcSight Enterprise Security Manager and ArcSight Platform Stored XSS
https://notcve.org/view.php?id=CVE-2024-2835
20 May 2024 — A Stored Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Enterprise Security Manager and ArcSight Platform. The vulnerability could be remotely exploited. Se ha identificado una vulnerabilidad de Cross Site Scripting Almacenado (XSS) en OpenText ArcSight Enterprise Security Manager y ArcSight Platform. La vulnerabilidad podría explotarse de forma remota. • https://portal.microfocus.com/s/article/KM000029773 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.7EPSS: 0%CPEs: 3EXPL: 0CVE-2024-3482 – OpenText ArcSight Enterprise Security Manager and ArcSight Platform Stored XSS
https://notcve.org/view.php?id=CVE-2024-3482
20 May 2024 — A Stored Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Enterprise Security Manager and ArcSight Platform. The vulnerability could be remotely exploited. Se ha identificado una vulnerabilidad de Cross Site Scripting Almacenado (XSS) en OpenText ArcSight Enterprise Security Manager y ArcSight Platform. La vulnerabilidad podría explotarse de forma remota. • https://portal.microfocus.com/s/article/KM000029773 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2016-1990 – HP Security Bulletin HPSBGN03556 1
https://notcve.org/view.php?id=CVE-2016-1990
15 Mar 2016 — HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows local users to gain privileges for command execution via unspecified vectors. HPE ArcSight ESM 5.x en versiones anteriores a 5.6, 6.0, 6.5.x en versiones anteriores a 6.5C SP1 Patch 2 y 6.8c en versiones anteriores a P1 y ArcSight ESM Express en versiones anteriores a 6.9.1, permite a usuarios locales obtener privilegios para la ejecución de comandos a través de vectores no ... • http://www.securitytracker.com/id/1035282 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.0EPSS: 0%CPEs: 5EXPL: 0CVE-2016-1991 – HP Security Bulletin HPSBGN03556 1
https://notcve.org/view.php?id=CVE-2016-1991
15 Mar 2016 — HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to conduct unspecified "file download" attacks via unknown vectors. HPE ArcSight ESM 5.x en versiones anteriores a 5.6, 6.0, 6.5.x en versiones anteriores a 6.5C SP1 Patch 2 y 6.8c en versiones anteriores a P1 y ArcSight ESM Express en versiones anteriores a 6.9.1, permite a usuarios remotos autenticados llevar a cabo ataques de "descarga de archiv... • http://www.securitytracker.com/id/1035282 •
CVSS: 7.8EPSS: 1%CPEs: 8EXPL: 0CVE-2015-6030 – HP Security Bulletin HPSBGN03430 3
https://notcve.org/view.php?id=CVE-2015-6030
04 Nov 2015 — HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Appliance 6.4.0.6881.3 use the root account to execute files owned by the arcsight user, which might allow local users to gain privileges by leveraging arcsight account access. HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0 y ArcSight Connector Appliance 6.4.0.6881.3 utilizan la cuenta root para ejecutar archivos pertenecientes al usuario arcsight, lo que podría permitir a usuarios locales ob... • http://www.kb.cert.org/vuls/id/842252 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7885 – HP Security Bulletin HPSBGN03249 1
https://notcve.org/view.php?id=CVE-2014-7885
13 Mar 2015 — Multiple unspecified vulnerabilities in HP ArcSight Enterprise Security Manager (ESM) before 6.8c have unknown impact and remote attack vectors. Múltiples vulnerabilidades no especificadas en HP ArcSight Enterprise Security Manager (ESM) anterior a 6.8c tienen un impacto desconocido y vectores de ataques remotos. Potential security vulnerabilities has been identified with HP ArcSight Enterprise Security Manager (ESM) and HP ArcSight Logger. These vulnerabilities could be exploited remotely resulting in mult... • http://www.kb.cert.org/vuls/id/868948 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2013-4815 – HP Security Bulletin HPSBGN02923
https://notcve.org/view.php?id=CVE-2013-4815
20 Sep 2013 — Cross-site scripting (XSS) vulnerability in the web interface in HP ArcSight Enterprise Security Manager (ESM) before 5.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad XSS en el interfaz web en HP ArcSight Enterprise Security Manager (ESM) anterior a v5.5 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a través de vectores no especificados. A potential security vulnerability has been identified with HP ArcSight Enter... • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03901176 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •