RSS   Vulnerabilities for 'Arcsight logger'   RSS

2019-03-25
 
CVE-2019-3484

CWE-20
 

 
Mitigates a remote code execution issue in ArcSight Logger versions prior to 6.7.

 
 
CVE-2019-3483

CWE-200
 

 
Mitigates a potential information leakage issue in ArcSight Logger versions prior to 6.7.

 
 
CVE-2019-3482

CWE-22
 

 
Mitigates a directory traversal issue in ArcSight Logger versions prior to 6.7.

 
 
CVE-2019-3481

CWE-611
 

 
Mitigates a XML External Entity Parsing issue in ArcSight Logger versions prior to 6.7.

 
 
CVE-2019-3480

CWE-79
 

 
Mitigates a stored/reflected XSS issue in ArcSight Logger versions prior to 6.7.

 
 
CVE-2019-3479

CWE-20
 

 
Mitigates a potential remote code execution issue in ArcSight Logger versions prior to 6.7.

 
2016-01-16
 
CVE-2015-6864

 

 
HPE ArcSight Logger before 6.1P1 allows remote authenticated users to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component.

 
 
CVE-2015-6863

 

 
HPE ArcSight Logger before 6.1P1 allows remote attackers to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component.

 
2015-11-11
 
CVE-2015-5441

CWE-79
 

 
Multiple cross-site scripting (XSS) vulnerabilities in HP ArcSight Management Center before 2.1 and ArcSight Logger before 6.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

 
2015-11-03
 
CVE-2015-6030

CWE-264
 

 
HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Appliance 6.4.0.6881.3 use the root account to execute files owned by the arcsight user, which might allow local users to gain privileges by leveraging arcsight account access.

 


Copyright 2019, cxsecurity.com

 

Back to Top