Lucene search
K

5 matches found

CNVD
CNVD
added 2017/11/01 12:0 a.m.3 views

HPE ArcSight ESM and ArcSight ESM Express SQL Injection Vulnerability

HPE ArcSight ESM Enterprise Security Manager and ESM Express are both enterprise security management software with event correlation and security analysis capabilities from Hewlett Packard Enterprise HPE. The software collects, correlates and reports on enterprise-wide security events in real tim...

9.8CVSS7.9AI score0.01815EPSS
Exploits0References1
CVE
CVE
added 2017/09/29 2:0 p.m.50 views

CVE-2017-13988

Affected product: ArcSight ESM and ArcSight ESM Express. Vulnerable versions: any 6.x prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. Root cause / impact: improper access control lets unauthorized users alter the maximum size of storage groups and enable/disable the follow schedule function. Exploitab...

6.5CVSS6.4AI score0.00826EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/09/29 2:0 p.m.53 views

CVE-2017-13990

Summary: CVE-2017-13990 describes an information-disclosure vulnerability in HP ArcSight ESM/ESM Express (ArcSight) where any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1 can disclose the Apache Tomcat application server version. Affected products/versions: ArcSight ESM and ArcSight ESM ...

5.3CVSS5.1AI score0.01483EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2016/03/17 2:59 p.m.4 views

CVE-2016-1992

HPE ArcSight ESM before 6.8c, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to obtain sensitive information via unspecified vectors...

6.5CVSS5.8AI score0.01847EPSS
Exploits0References2
OSV
OSV
added 2016/03/16 10:59 a.m.7 views

CVE-2016-1991

HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to conduct unspecified "file download" attacks via unknown vectors...

8CVSS5.8AI score0.01572EPSS
Exploits0References2
Rows per page
Query Builder