CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2020-25835 – Micro Focus ArcSight Management Center Remote Vulnerability
https://notcve.org/view.php?id=CVE-2020-25835
09 Dec 2023 — A potential vulnerability has been identified in Micro Focus ArcSight Management Center. The vulnerability could be remotely exploited resulting in stored Cross-Site Scripting (XSS). Se ha identificado una vulnerabilidad potencial en Micro Focus ArcSight Management Center. La vulnerabilidad podría explotarse de forma remota, lo que daría como resultado Cross-Site Scripting (XSS) almacenado. • https://community.microfocus.com/cfs-file/__key/communityserver-wikis-components-files/00-00-00-00-29/5037.ArcMC_5F00_RelNotes_5F00_2_2D00_9_2D00_6.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32267 – OpenText / Micro Focus ArcSight Management Center Remote Vulnerability
https://notcve.org/view.php?id=CVE-2023-32267
11 Aug 2023 — A potential vulnerability has been identified in OpenText / Micro Focus ArcSight Management Center. The vulnerability could be remotely exploited. Se ha identificado una vulnerabilidad potencial en ArcSight Management Center de OpenText y Micro Focus. La vulnerabilidad podría ser explotada de forma remota. • https://portal.microfocus.com/s/article/KM000020296?language=en_US •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-11848
https://notcve.org/view.php?id=CVE-2020-11848
19 Aug 2020 — Denial of service vulnerability on Micro Focus ArcSight Management Center. Affecting all versions prior to version 2.9.5. The vulnerability could cause the server to become unavailable, causing a denial of service. Vulnerabilidad de Denegación de Servicio en Micro Focus ArcSight Management Center. Afectando a todas las versiones anteriores a 2.9.5. • https://community.microfocus.com/t5/ArcSight-Management-Center-ArcMC/ArcSight-Management-Center-2-9-5-Release-Notes/ta-p/2814648 •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-11841
https://notcve.org/view.php?id=CVE-2020-11841
16 Jun 2020 — Unauthorized information disclosure vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting unauthorized information disclosure. Una vulnerabilidad de divulgación de información no autorizada en el producto Micro Focus ArcSight Management Center, afectando a las versiones 2.6.1, 2.7.x, 2.8.x, y 2.9.x anteriores a 2.9.4. Las vulnerabilidades podrían ser explotadas remotamente, resu... • https://softwaresupport.softwaregrp.com/doc/KM03650893 •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2020-11838
https://notcve.org/view.php?id=CVE-2020-11838
16 Jun 2020 — Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure. Una vulnerabilidad de tipo Cross Site Scripting (XSS) en el producto Micro Focus ArcSight Management Center, afectando a las versiones 2.6.1, 2.7.x, 2.8.x, y 2.9.x anteriores a 2.9.4. Las vulnerabilidades podrían ser explotadas remotamente, re... • https://softwaresupport.softwaregrp.com/doc/KM03650893 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-11840
https://notcve.org/view.php?id=CVE-2020-11840
16 Jun 2020 — Unauthorized information disclosure vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting unauthorized information disclosure. Una vulnerabilidad de divulgación de información no autorizada en el producto Micro Focus ArcSight Management Center, afectando a las versiones 2.6.1, 2.7.x, 2.8.x, y 2.9.x anteriores a 2.9.4. Las vulnerabilidades podrían ser explotadas remotamente, resu... • https://softwaresupport.softwaregrp.com/doc/KM03650893 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6504 – MFSBGN03824 rev.1 - ArcSight Management Center, Insufficient Access Control, Reflected Cross Site Scripting, Access Control vulnerability, Cross-Site Request Forgery (CSRF), Unauthenticated File Download, Directory Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2018-6504
20 Sep 2018 — A potential Cross-Site Request Forgery (CSRF) vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for Cross-Site Request Forgery (CSRF). Se ha identificado una vulnerabilidad potencial de Cross-Site Request Forgery (CSRF) en ArcSight Management Center (ArcMC) en todas las versiones anteriores a la 2.81. Esta vulnerabilidad podría explotarse para permitir Cross-Site Request Forgery (CSRF). • https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03245142 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.8EPSS: 1%CPEs: 8EXPL: 0CVE-2015-6030 – HP Security Bulletin HPSBGN03430 3
https://notcve.org/view.php?id=CVE-2015-6030
04 Nov 2015 — HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Appliance 6.4.0.6881.3 use the root account to execute files owned by the arcsight user, which might allow local users to gain privileges by leveraging arcsight account access. HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0 y ArcSight Connector Appliance 6.4.0.6881.3 utilizan la cuenta root para ejecutar archivos pertenecientes al usuario arcsight, lo que podría permitir a usuarios locales ob... • http://www.kb.cert.org/vuls/id/842252 • CWE-264: Permissions, Privileges, and Access Controls •