3 matches found
CVE-2023-24470
Potential XML External Entity Injection in ArcSight Logger versions prior to 7.3.0...
CVE-2023-24470
Potential XML External Entity Injection in ArcSight Logger versions prior to 7.3.0...
CVE-2023-24470
ArcSight Logger prior to version 7.3.0 is vulnerable to XML External Entity (XXE) injection (CVE-2023-24470). The root cause is XXE in the product’s XML processing, enabling an attacker to potentially access or exfiltrate data via crafted XML. Public advisories confirm fixes in ArcSight Logger 7....