| |
Vulnerability CVE-2016-1990
Published: 2016-03-16
Description: |
HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows local users to gain privileges for command execution via unspecified vectors. |
Type:
CWE-264 (Permissions, Privileges, and Access Controls)
CVSS2 => (AV:L/AC:L/Au:S/C:P/I:P/A:P)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4.3/10 |
6.4/10 |
3.1/10 |
Exploit range |
Attack complexity |
Authentication |
Local |
Low |
Single time |
Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
Partial |
References: |
http://www.securitytracker.com/id/1035282
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05048452
|
|
|
closedb();
?>
Copyright 2024, cxsecurity.com
|
|
|