4 matches found
Information disclosure
HP ArcSight SmartConnectors before 7.1.6 do not verify X.509 certificates from Logger devices, which allows man-in-the-middle attackers to spoof devices and obtain sensitive information via a crafted certificate...
CVE-2015-2902
HP ArcSight SmartConnectors before 7.1.6 do not verify X.509 certificates from Logger devices, which allows man-in-the-middle attackers to spoof devices and obtain sensitive information via a crafted certificate...
CVE-2015-2902
HP ArcSight SmartConnectors before version 7.1.6 fail to verify X.509 certificates from Logger devices, enabling a man-in-the-middle attacker to spoof devices and read SSL-protected log traffic via a crafted certificate. This vulnerability affects ArcSight SmartConnectors prior to 7.1.6 and has a...
CVE-2015-2902
HP ArcSight SmartConnectors before 7.1.6 do not verify X.509 certificates from Logger devices, which allows man-in-the-middle attackers to spoof devices and obtain sensitive information via a crafted certificate...