2 matches found
CVE-2015-2903
The CVE-2015-2903 issue affects HP ArcSight SmartConnectors, specifically the CWSAPI SOAP service, prior to version 7.1.6. The root cause is a hardcoded password used by the CWSAPI SOAP service, which can allow a remote attacker to obtain administrative access if the password is known. Impact des...
HP ArcSight SmartConnector fails to properly validate SSL and contains a hard-coded password
Overview The HP ArcSight SmartConnector fails to properly validate SSL certificates, and also contains a hard-coded password. Description CWE-295: Improper Certificate Validation - CVE-2015-2902The ArcSight SmartConnector fails to validate the certificate of the upstream Logger device it is...