Lucene search

[email protected]CVE-2015-5441

HistoryNov 12, 2015 - 3:59 a.m.

CVE-2015-5441

2015-11-1203:59:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2015-5441

arcsight management center

arcsight logger

xss

vulnerabilities

remote attackers

web script

html

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.014 Low

EPSS

Percentile

86.5%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in HP ArcSight Management Center before 2.1 and ArcSight Logger before 6.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

NVD

Node

hparchsight_management_centerRange≤2.0

Node

hparcsight_loggerRange≤6.0

CPENameOperatorVersion
hp:archsight_management_centerhp archsight management centerle2.0

CPE	Name	Operator	Version
hp:archsight_management_center	hp archsight management center	le	2.0

References

jvn.jp/en/jp/JVN51046809/index.html

jvndb.jvn.jp/en/contents/2015/JVNDB-2015-005909.html

www.securityfocus.com/archive/1/536877/100/0/threaded

h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04797406

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.014 Low

EPSS

Percentile

86.5%

JSON

Related for CVE-2015-5441

nvd1 nessus1 jvn1 prion1 cvelist1