Lucene search
Japan Vulnerability NotesJVN:51046809HistoryNov 20, 2015 - 12:00 a.m.
JVN#51046809: ArcSight Management Center and ArcSight Logger vulnerable to cross-site scripting
2015-11-2000:00:00
Japan Vulnerability Notes
jvn.jp
16
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.014 Low
EPSS
Percentile
86.5%
ArcSight Management Center and ArcSight Logger from Hewlett-Packard Development Company L.P. contain a stored cross-site scripting vulnerability (CWE-79).
Impact
An arbitrary script may be executed on the user’s web browser.
Solution
Update the Software
Update to the latest version according to the information provided by the vendor.
Products Affected
- ArcSight Management Center versions prior to v2.1
- ArcSight Logger versions prior to v6.1
Related
cve
cve
CVE-2015-5441
2015-11-12 03:59:00
nvd
nvd
CVE-2015-5441
2015-11-12 03:59:00
nessus
nessus
HP ArcSight Logger < 6.1 Management Center XSS
2015-10-16 00:00:00
prion
prion
Cross site scripting
2015-11-12 03:59:00
cvelist
cvelist
CVE-2015-5441
2015-11-12 02:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.014 Low
EPSS
Percentile
86.5%
Related for JVN:51046809