Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.ARCSIGHT_LOGGER_6_1.NASL
HistoryOct 16, 2015 - 12:00 a.m.

HP ArcSight Logger < 6.1 Management Center XSS

2015-10-1600:00:00
This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.014 Low

EPSS

Percentile

86.5%

JSON

The remote host has a version of HP ArcSight logger installed that is prior to 6.1. It is, therefore, affected by a reflected cross-site scripting vulnerability in the Management Center due to improper validation of user-supplied input. A remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user’s browser session.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(86419);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/10/25");

  script_cve_id("CVE-2015-5441");
  script_xref(name:"HP", value:"HPSBGN03507");
  script_xref(name:"HP", value:"SSRT102181");
  script_xref(name:"HP", value:"emr_na-c04797406");

  script_name(english:"HP ArcSight Logger < 6.1 Management Center XSS");
  script_summary(english:"Checks the version of HP ArcSight Logger.");

  script_set_attribute(attribute:"synopsis", value:
"The remote host has an application installed that is affected by a
reflected cross-site scripting vulnerability.");
  script_set_attribute(attribute:"description", value:
"The remote host has a version of HP ArcSight logger installed that is
prior to 6.1. It is, therefore, affected by a reflected cross-site
scripting vulnerability in the Management Center due to improper
validation of user-supplied input. A remote attacker can exploit this,
via a specially crafted request, to execute arbitrary script code in a
user's browser session.");
  # https://support.hpe.com/hpsc/doc/public/display?calledBy=&docId=emr_na-c04797406
  script_set_attribute(attribute:"see_also",value:"http://www.nessus.org/u?73f00f3d");
  script_set_attribute(attribute:"solution", value:
"Upgrade to HP ArcSight Logger version 6.1 or later.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-5441");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date",value:"2015/09/23");
  script_set_attribute(attribute:"patch_publication_date",value:"2015/09/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/10/16");

  script_set_attribute(attribute:"plugin_type",value:"local");
  script_set_attribute(attribute:"cpe",value:"cpe:/a:hp:arcsight_logger");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("arcsight_logger_installed_linux.nasl");
  script_require_keys("installed_sw/ArcSight Logger");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("smb_func.inc");
include("install_func.inc");

app = "ArcSight Logger";
port = 0;

install = get_single_install(app_name:app, exit_if_unknown_ver:TRUE);
ver = install['version'];
path = install['path'];
display_ver = install['display_version'];

fix = '6.1';
display_fix = '6.1';

if (ver_compare(ver:ver, fix:fix, strict:FALSE) >= 0)
  audit(AUDIT_INST_VER_NOT_VULN, app, display_ver);

set_kb_item(name:"www/0/XSS", value:TRUE);

if (report_verbosity > 0)
{
  report =
    '\n  Path              : ' + path +
    '\n  Installed version : ' + display_ver +
    '\n  Fixed version     : ' + display_fix + '\n';
  security_warning(port:port, extra:report);
}
else security_warning(port);
VendorProductVersionCPE
hparcsight_loggercpe:/a:hp:arcsight_logger

Related

prion 1
cvelist 1
cve 1
nvd 1
jvn 1
prion
prion
Cross site scripting
2015-11-12 03:59:00
cvelist
cvelist
CVE-2015-5441
2015-11-12 02:00:00
cve
cve
CVE-2015-5441
2015-11-12 03:59:00
nvd
nvd
CVE-2015-5441
2015-11-12 03:59:00
jvn
jvn
JVN#51046809: ArcSight Management Center and ArcSight Logger vulnerable to cross-site scripting
2015-11-20 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.014 Low

EPSS

Percentile

86.5%

JSON
Related for ARCSIGHT_LOGGER_6_1.NASL
prion1cvelist1cve1nvd1jvn1