RSS   Vulnerabilities for 'Arcsight logger'   RSS

2019-10-04
 
CVE-2019-11656

CWE-79
 

 
Stored XSS vulnerability in Micro Focus ArcSight Logger, affects versions prior to Logger 6.7.1 HotFix 6.7.1.8262.0. This vulnerability could allow Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').

 
 
CVE-2019-11655

CWE-434
 

 
Unrestricted file upload vulnerability in Micro Focus ArcSight Logger, version 6.7.0 and later. This vulnerability could allow Unrestricted Upload of File with Dangerous type.

 
2019-07-24
 
CVE-2019-3485

CWE-79
 

 
Mitigates a stored cross site scripting issue in ArcSight Logger versions prior to 6.7.1

 
2019-03-25
 
CVE-2019-3484

CWE-20
 

 
Mitigates a remote code execution issue in ArcSight Logger versions prior to 6.7.

 
 
CVE-2019-3483

CWE-200
 

 
Mitigates a potential information leakage issue in ArcSight Logger versions prior to 6.7.

 
 
CVE-2019-3482

CWE-22
 

 
Mitigates a directory traversal issue in ArcSight Logger versions prior to 6.7.

 
 
CVE-2019-3481

CWE-611
 

 
Mitigates a XML External Entity Parsing issue in ArcSight Logger versions prior to 6.7.

 
 
CVE-2019-3480

CWE-79
 

 
Mitigates a stored/reflected XSS issue in ArcSight Logger versions prior to 6.7.

 
 
CVE-2019-3479

CWE-20
 

 
Mitigates a potential remote code execution issue in ArcSight Logger versions prior to 6.7.

 
2016-01-16
 
CVE-2015-6864

 

 
HPE ArcSight Logger before 6.1P1 allows remote authenticated users to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component.

 


Copyright 2019, cxsecurity.com

 

Back to Top