Lucene search
K
MicrofocusArcsight Enterprise Security Manager

8 matches found

CVE
CVE
added 2015/11/04 2:0 a.m.64 views

CVE-2015-6030

HP ArcSight products (ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, ArcSight Connector Appliance 6.4.0.6881.3) are affected by CVE-2015-6030. The root account is used to execute files owned by the arcsight user, which may allow local users who have arcsight credentials to ga...

7.2CVSS7.2AI score0.00608EPSS
CVE
CVE
added 2022/01/14 7:11 p.m.55 views

CVE-2021-38126

CVE-2021-38126 affects Micro Focus ArcSight Enterprise Security Manager (versions 7.4.x and 7.5.x). The connected sources indicate a remote-exploitation path leading to Cross-Site Scripting (XSS). The documents do not provide the underlying root cause details, affected components/files, exploit v...

6.1CVSS6.4AI score0.00569EPSS
CVE
CVE
added 2015/03/14 1:0 a.m.52 views

CVE-2014-7885

HP ArcSight Enterprise Security Manager (ESM) prior to 6.8c is affected by multiple remote vulnerabilities (CVE-2014-7885). The Nessus entry cites XSS due to failure to validate tooltip input and CSRF allowing changes to rules or resources via a crafted link; affected versions include ESM before ...

10CVSS7AI score0.03029EPSS
CVE
CVE
added 2022/01/14 7:11 p.m.51 views

CVE-2021-38127

CVE-2021-38127 affects Micro Focus ArcSight Enterprise Security Manager (versions 7.4.x and 7.5.x). The connected sources indicate a remotely exploitable vulnerability leading to Cross-Site Scripting (XSS). The NVD entry and related records provide CVSS metrics: CVSS v3.1 base score 6.1 (NETWORK,...

6.1CVSS6.4AI score0.00569EPSS
CVE
CVE
added 2016/03/16 10:0 a.m.50 views

CVE-2016-1991

HP ArcSight ESM/ESM Express are affected by a vulnerability in older branches (ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, 6.8c before P1, and ESM Express before 6.9.1) that can enable remote authenticated users to perform file download attacks via unknown vectors. Connected sources a...

8CVSS7.4AI score0.01572EPSS
CVE
CVE
added 2016/03/16 10:0 a.m.49 views

CVE-2016-1990

HP ArcSight ESM and ArcSight ESM Express are affected by CVE-2016-1990: local privilege escalation allowing a local user to gain privileges for command execution on specific versions. Affected products include HP ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, 6.8c before P1, and...

7.8CVSS7.7AI score0.00397EPSS
CVE
CVE
added 2021/09/28 1:56 p.m.49 views

CVE-2021-38124

The CVE-2021-38124 entry concerns Micro Focus ArcSight Enterprise Security Manager (ESM) , affecting versions 7.0.2 through 7.5 . The connected documents confirm a Remote Code Execution vulnerability in ESM, with the vulnerability capable of being exploited remotely. The exact root cause, exploit...

9.8CVSS9.8AI score0.02014EPSS
CVE
CVE
added 2013/09/20 9:0 p.m.45 views

CVE-2013-4815

HP ArcSight Enterprise Security Manager (ESM) is affected by CVE-2013-4815, a remote Cross-Site Scripting (XSS) vulnerability in the Management Web Interface. The flaw exists in ESM prior to version 5.5 and can allow an attacker to inject arbitrary web script or HTML through unspecified vectors i...

4.3CVSS5.8AI score0.00942EPSS