The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of ArcSight Management Center

vulnerability CVE-2015-6030

HP ArcSight: privilege escalation

Synthesis of the vulnerability

A local attacker can alter files of HP ArcSight, in order to escalate his privileges.
Impacted products: ArcSight Connector, ArcSight ESM, ArcSight Express, ArcSight Logger, HPE ArcMC.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Creation date: 04/11/2015.
Identifiers: c04872416, CVE-2015-6030, HPSBGN03430, VIGILANCE-VUL-18240, VU#842252.

Description of the vulnerability

The HP ArcSight product installs files belonging to the "arcsight" user, but run by the "root" user.

However, a local attacker with the "arcsight" privilege, can alter these files.

A local attacker can therefore alter files of HP ArcSight, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2015-5441

HP ArcSight Logger, MC: Cross Site Scripting

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting of HP ArcSight Logger/MC, in order to run JavaScript code in the context of the web site.
Impacted products: ArcSight Logger, HPE ArcMC.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 24/09/2015.
Identifiers: c04797406, CVE-2015-5441, HPSBGN03507, VIGILANCE-VUL-17970.

Description of the vulnerability

The HP ArcSight Logger/MC product offers a web service.

However, it does not filter received data before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting of HP ArcSight Logger/MC, in order to run JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about ArcSight Management Center: