Lucene search
K
MicrofocusArcsight Logger

9 matches found

CVE
CVE
added 2020/11/17 12:51 a.m.80 views

CVE-2020-25834

CVE-2020-25834 is a cross-site scripting (XSS) vulnerability impacting Micro Focus ArcSight Logger, primarily affected version 7.1 (some sources mention 7.1.1). The issue could be exploited remotely to trigger XSS in the product. The Red Hat, NVD, and other feeds consistently describe a straightf...

5.4CVSS5.4AI score0.00682EPSS
CVE
CVE
added 2020/11/17 1:2 a.m.74 views

CVE-2020-11851

CVE-2020-11851 affects Micro Focus ArcSight Logger prior to 7.1.1. The connected documents confirm a remote code execution vulnerability in ArcSight Logger, exploitable via the ArcSight Management Center backup/config workflow that uses Tcl/expect scripts, leading to arbitrary code execution on v...

9.8CVSS9.6AI score0.02825EPSS
Web
CVE
CVE
added 2023/06/13 12:0 a.m.74 views

CVE-2023-24470

ArcSight Logger prior to version 7.3.0 is vulnerable to XML External Entity (XXE) injection (CVE-2023-24470). The root cause is XXE in the product’s XML processing, enabling an attacker to potentially access or exfiltrate data via crafted XML. Public advisories confirm fixes in ArcSight Logger 7....

9.1CVSS9.2AI score0.00895EPSS
CVE
CVE
added 2020/11/17 12:54 a.m.63 views

CVE-2020-11860

CVE-2020-11860 is a Cross-Site Scripting vulnerability in Micro Focus ArcSight Logger affecting all versions prior to 7.1.1. The connected documents indicate a remote XSS exposure in ArcSight Logger’s web-facing components, with no detailed exploit steps provided in the sources. The vulnerability...

6.1CVSS5.9AI score0.00634EPSS
CVE
CVE
added 2022/08/31 3:52 p.m.54 views

CVE-2022-26330

CVE-2022-26330 affects Micro Focus ArcSight Logger prior to version 7.2.2. The documented impact is information disclosure and self XSS, with remote exploitation described in multiple sources. The root cause details are not fully enumerated in the provided documents, but the vulnerability targets...

7.5CVSS7AI score0.0057EPSS
CVE
CVE
added 2022/08/31 3:52 p.m.52 views

CVE-2022-26331

CVE-2022-26331 affects Micro Focus ArcSight Logger. Vulnerable are ArcSight Logger versions prior to 7.2.2. The issue could be remotely exploited to cause Information Disclosure or Self Cross-Site Scripting (XSS). Root cause details are not specified in the provided documents. Remediation: upgrad...

6.1CVSS6.4AI score0.0038EPSS
CVE
CVE
added 2019/12/17 10:5 p.m.50 views

CVE-2019-11657

Micro Focus ArcSight Logger has a Cross-Site Request Forgery (CSRF) vulnerability affecting all product versions prior to 7.0. The vulnerability arises from a web application that does not adequately validate request origins, enabling CSRF attacks without explicit user interaction in some sources...

8.8CVSS8.6AI score0.00452EPSS
CVE
CVE
added 2020/06/12 10:30 p.m.41 views

CVE-2020-11839

The CVE-2020-11839 entry affects Micro Focus ArcSight Logger, specifically versions 6.6.1 through 7.0.1. The vulnerability is a Cross-Site Scripting (XSS) issue in the web application caused by insufficient validation of client-side data, with potential remote exploitation leading to XSS or infor...

6.1CVSS5.9AI score0.00641EPSS
CVE
CVE
added 2023/06/13 12:0 a.m.40 views

CVE-2023-24469

CVE-2023-24469 affects Micro Focus ArcSight Logger prior to 7.3.0. The vulnerability is a Cross-Site Scripting issue arising in the web interface, with CVSS 3.1 base score 6.1 (Network, Low attack complexity, UI interaction required). Public advisories indicate that Micro Focus released version 7...

6.1CVSS6AI score0.00472EPSS