7 matches found
CVE-2015-6030
HP ArcSight products (ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, ArcSight Connector Appliance 6.4.0.6881.3) are affected by CVE-2015-6030. The root account is used to execute files owned by the arcsight user, which may allow local users who have arcsight credentials to ga...
CVE-2018-6502
ArcSight Management Center (ArcMC) is affected by a Reflected Cross-Site Scripting vulnerability in all versions prior to 2.81. The issue, as described in connected CNVD/NVD entries, is a reflected XSS and the advisory suggests upgrading to version 2.81 or later to remediate. Exploit specifics an...
CVE-2018-6501
This CVE-2018-6501 affects ArcSight Management Center (ArcMC) prior to version 2.81, with a vulnerability described as Insufficient Access Controls. The connected records confirm the affected product and version range, and that the impact is uncontrolled access due to access-control shortcomings....
CVE-2018-6500
CVE-2018-6500 describes a potential Directory Traversal vulnerability in ArcSight Management Center (ArcMC) affecting all versions prior to 2.81. Based on the connected documents, the issue could be remotely exploited to disclose files via directory traversal, but no exploit details, affected com...
CVE-2019-3486
CVE-2019-3486 affects Micro Focus ArcSight Security Management Center (ArcMC). A stored cross-site scripting vulnerability stems from insufficient validation of client-side data in the WEB application, leading to potential client-side code execution in ArcMC versions prior to 2.9.1. The affected ...
CVE-2018-6505
ArcSight Management Center (ArcMC) prior to version 2.81 is affected by an Unauthenticated File Download vulnerability (CVE-2018-6505). The CVE entry and multiple connected sources describe an unauthenticated mechanism that could allow file downloads from ArcMC. The NVD metrics list a CVSSv3 base...
CVE-2018-6503
Technical details for CVE-2018-6503 are not publicly available in the provided connected documents. Monitor for updates from official sources; current documents only indicate a generic access-control vulnerability in ArcSight Management Center prior to 2.81.