4 matches found
HP ArcSight Logger contains multiple vulnerabilities
Overview HP ArcSight Logger contains multiple vulnerabilities, allowing authentication bypass and privilege escalation in certain scenarios. Description CWE-285: Improper Authorization- CVE-2015-2136A remote authenticated user without Logger Search permissions may be able to bypass authorization...
HP ArcSight Logger < 6.0 P2 Multiple Vulnerabilities
According to its self-reported version number, the version of HP ArcSight Logger installed on the remote host is prior to 6.0 P2. It is, therefore, affected by multiple vulnerabilities : - An authorization bypass vulnerability exists that allows an authenticated, remote attacker to bypass...
CVE-2015-2136
HP ArcSight Logger prior to version 6.0 P2 contains CVE-2015-2136: remote authenticated users can bypass the intended authorization policy (noted via the SOAP interface) and perform unauthorized actions. Affected product/version: HP ArcSight Logger before 6.0 P2. Root cause indicated as improper ...
[security bulletin] HPSBMU03392 rev.2 - HP ArcSight Logger, Remote Authorization Bypass
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04762372 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04762372 Version: 2 HPSBMU03392 rev.2 - HP ArcSight Logger, Remote Authorization...