Information disclosure

2017-09-3001:29:00

PRIOn knowledge base

www.prio-n.com

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.0%

JSON

An information leakage vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows disclosure of Apache Tomcat application server version.

CPENameOperatorVersion
arcsight_enterprise_security_managereq6.8
arcsight_enterprise_security_managereq6.5
arcsight_enterprise_security_managereq6.0
arcsight_enterprise_security_managereq6.11.0
arcsight_enterprise_security_managereq6.5 sp1
arcsight_enterprise_security_managereq6.0.99
arcsight_enterprise_security_managereq6.5c sp1
arcsight_enterprise_security_managereq6.5.99
arcsight_enterprise_security_managereq6.8.99
arcsight_enterprise_security_managereq6.9.99

Name	Operator	Version
arcsight_enterprise_security_manager	eq	6.8
arcsight_enterprise_security_manager	eq	6.5
arcsight_enterprise_security_manager	eq	6.0
arcsight_enterprise_security_manager	eq	6.11.0
arcsight_enterprise_security_manager	eq	6.5 sp1
arcsight_enterprise_security_manager	eq	6.0.99
arcsight_enterprise_security_manager	eq	6.5c sp1
arcsight_enterprise_security_manager	eq	6.5.99
arcsight_enterprise_security_manager	eq	6.8.99
arcsight_enterprise_security_manager	eq	6.9.99