Lucene search
K

5 matches found

CVE
CVE
added 2015/11/04 2:0 a.m.44 views

CVE-2015-6029

HP ArcSight Logger before 6.0 P2 is vulnerable to CVE-2015-6029: the SOAP interface does not limit authentication attempts, enabling remote brute-force access. The HP Security Bulletin (HPSBGN03429) confirms the impact and provides remediation: update to ArcSight Logger v6.0 P2 or later (6.0 P2, ...

5CVSS6.6AI score0.04439EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2015/11/04 2:0 a.m.23 views

CVE-2015-6029

HP ArcSight Logger before 6.0 P2 does not limit attempts to authenticate to the SOAP interface, which makes it easier for remote attackers to obtain access via a brute-force approach...

6.4AI score0.04439EPSS
Exploits0References3
securityvulns
securityvulns
added 2015/10/26 12:0 a.m.75 views

[security bulletin] HPSBGN03429 rev.1 - HP Arcsight Logger, Remote Disclosure of Information

Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04863612 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04863612 Version: 1 HPSBGN03429 rev.1 - HP Arcsight Logger, Remote Disclosure of...

5CVSS0.2AI score0.04439EPSS
Exploits0
CERT
CERT
added 2015/10/19 12:0 a.m.38 views

HP ArcSight Logger contains multiple vulnerabilities

Overview HP ArcSight Logger contains multiple vulnerabilities, allowing authentication bypass and privilege escalation in certain scenarios. Description CWE-285: Improper Authorization- CVE-2015-2136A remote authenticated user without Logger Search permissions may be able to bypass authorization...

7.2CVSS7.6AI score0.04439EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2015/09/17 12:0 a.m.25 views

HP ArcSight Logger < 6.0 P2 Multiple Vulnerabilities

According to its self-reported version number, the version of HP ArcSight Logger installed on the remote host is prior to 6.0 P2. It is, therefore, affected by multiple vulnerabilities : - An authorization bypass vulnerability exists that allows an authenticated, remote attacker to bypass...

7.2CVSS5.8AI score0.04439EPSS
Exploits0References6
Rows per page
Query Builder