| The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them. |
|
 |
|
|
Computer vulnerabilities of ArcSight FlexConnector
ArcSight WINC Connector: code execution
Synthesis of the vulnerability
An attacker can use a vulnerability of ArcSight WINC Connector, in order to run code.
Impacted products: ArcSight Connector.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights.
Provenance: intranet client.
Creation date: 20/10/2016.
Identifiers: c05313743, CVE-2016-4391, HPSBGN03663, VIGILANCE-VUL-20926.
Description of the vulnerability
An attacker can use a vulnerability of ArcSight WINC Connector, in order to run code.
Full Vigil@nce bulletin... (Free trial) |
HP ArcSight: privilege escalation
Synthesis of the vulnerability
A local attacker can alter files of HP ArcSight, in order to escalate his privileges.
Impacted products: ArcSight Connector, ArcSight ESM, ArcSight Express, ArcSight Logger, HPE ArcMC.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Creation date: 04/11/2015.
Identifiers: c04872416, CVE-2015-6030, HPSBGN03430, VIGILANCE-VUL-18240, VU#842252.
Description of the vulnerability
The HP ArcSight product installs files belonging to the "arcsight" user, but run by the "root" user.
However, a local attacker with the "arcsight" privilege, can alter these files.
A local attacker can therefore alter files of HP ArcSight, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial) |
HP ArcSight SmartConnector: two vulnerabilities
Synthesis of the vulnerability
An attacker can use several vulnerabilities of HP ArcSight SmartConnector.
Impacted products: ArcSight Connector.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, data reading, data creation/edition.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 28/10/2015.
Identifiers: c04850932, CVE-2015-2902, CVE-2015-2903, HPSBGN03425, VIGILANCE-VUL-18199, VU#350508.
Description of the vulnerability
Several vulnerabilities were announced in HP ArcSight SmartConnector.
An attacker can act as a Man-in-the-Middle on Upstream Logger Device, in order to read or write data in the session. [severity:2/4; CVE-2015-2902]
An attacker can use the hard-coded password in CWSAPI SOAP, in order to escalate his privileges. [severity:2/4; CVE-2015-2903]
Full Vigil@nce bulletin... (Free trial) |
HP ArcSight Connector, Logger: three vulnerabilities
Synthesis of the vulnerability
Three vulnerabilities were announced in HP ArcSight Connector Appliance and HP ArcSight Logger.
Impacted products: ArcSight Connector, ArcSight Logger.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, data reading.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 3.
Creation date: 15/02/2013.
Identifiers: BID-57975, BID-57976, BID-57978, c03606700, CVE-2012-3286, CVE-2012-5198, CVE-2012-5199, HPSBMU02836, SSRT101040, SSRT101056, SSRT101060, VIGILANCE-VUL-12426, VU#829260, VU#988100.
Description of the vulnerability
Three vulnerabilities were announced in HP ArcSight Connector Appliance and HP ArcSight Logger.
An attacker can use a vulnerability, in order to execute code. [severity:3/4; BID-57978, CVE-2012-3286, SSRT101040, VU#829260]
An attacker can use a vulnerability, in order to obtain information. [severity:2/4; BID-57976, CVE-2012-5198, SSRT101056, VU#988100]
An attacker can use a vulnerability, in order to execute code. [severity:3/4; BID-57975, CVE-2012-5199, SSRT101060]
Full Vigil@nce bulletin... (Free trial) |
HP ArcSight Connector, Logger: Cross Site Scripting
Synthesis of the vulnerability
An attacker can invite the victim to import a malicious file with ArcSight Connector or Logger, in order to execute JavaScript code in his browser.
Impacted products: ArcSight Connector, ArcSight Logger.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 07/08/2012.
Identifiers: BID-54824, c03606700, CVE-2012-2960, HPSBMU02836, SSRT100864, VIGILANCE-VUL-11826, VU#960468.
Description of the vulnerability
The ArcSight Connector and Logger products allows the administrator to import a list of computers from a file:
- System Admin
- Network
- Hosts
- Import from Local File
However, imported names are then directly displayed by the service, without being filtered. An attacker can thus create a file containing a computer list with JavaScript, which is then inserted in web pages generated by the service.
An attacker can therefore invite the victim to import a malicious file with ArcSight Connector or Logger, in order to execute JavaScript code in his browser.
Full Vigil@nce bulletin... (Free trial) |
Our database contains other pages. You can request a free trial to read them.
Display information about ArcSight FlexConnector:
|