The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of HPE ArcSight Logger

vulnerability note 17554

HP ArcSight Logger: incoherent complex searches

Synthesis of the vulnerability

An HP ArcSight Logger administrator who searches for traces of a sensitive event may miss this event.
Impacted products: ArcSight Logger.
Severity: 1/4.
Consequences: disguisement.
Provenance: document.
Creation date: 31/07/2015.
Identifiers: VIGILANCE-VUL-17554.

Description of the vulnerability

The HP ArcSight Logger product is used to store and read event logs.

However, the search features contain several errors, so results are inconsistent.

An HP ArcSight Logger administrator who searches for traces of a sensitive event may therefore miss this event.

computer vulnerability alert CVE-2014-7884

ArcSight Logger: three vulnerabilities

Synthesis of the vulnerability

An attacker can exploit several vulnerabilities in ArcSight Logger.
Impacted products: ArcSight Logger.
Severity: 3/4.
Consequences: user access/rights, data reading, data creation/edition.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 3.
Creation date: 18/03/2015.
Identifiers: c04562193, CVE-2014-7884, HPSBGN03249, VIGILANCE-VUL-16406, VU#868948.

Description of the vulnerability

Several vulnerabilities were announced in ArcSight Logger.

An attacker can upload a malicious file, for example a Trojan. [severity:3/4]

An attacker can alter the configuration, in order to escalate their privileges. [severity:2/4]

An attacker can transmit malicious XML data, in order to read a file, scan sites, or trigger a denial of service. [severity:2/4]

computer vulnerability alert CVE-2012-3286 CVE-2012-5198 CVE-2012-5199

HP ArcSight Connector, Logger: three vulnerabilities

Synthesis of the vulnerability

Three vulnerabilities were announced in HP ArcSight Connector Appliance and HP ArcSight Logger.
Impacted products: ArcSight Connector, ArcSight Logger.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, data reading.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 3.
Creation date: 15/02/2013.
Identifiers: BID-57975, BID-57976, BID-57978, c03606700, CVE-2012-3286, CVE-2012-5198, CVE-2012-5199, HPSBMU02836, SSRT101040, SSRT101056, SSRT101060, VIGILANCE-VUL-12426, VU#829260, VU#988100.

Description of the vulnerability

Three vulnerabilities were announced in HP ArcSight Connector Appliance and HP ArcSight Logger.

An attacker can use a vulnerability, in order to execute code. [severity:3/4; BID-57978, CVE-2012-3286, SSRT101040, VU#829260]

An attacker can use a vulnerability, in order to obtain information. [severity:2/4; BID-57976, CVE-2012-5198, SSRT101056, VU#988100]

An attacker can use a vulnerability, in order to execute code. [severity:3/4; BID-57975, CVE-2012-5199, SSRT101060]

computer vulnerability alert CVE-2012-2960

HP ArcSight Connector, Logger: Cross Site Scripting

Synthesis of the vulnerability

An attacker can invite the victim to import a malicious file with ArcSight Connector or Logger, in order to execute JavaScript code in the victim's browser.
Impacted products: ArcSight Connector, ArcSight Logger.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 07/08/2012.
Identifiers: BID-54824, c03606700, CVE-2012-2960, HPSBMU02836, SSRT100864, VIGILANCE-VUL-11826, VU#960468.

Description of the vulnerability

The ArcSight Connector and Logger products allow the administrator to import a list of computers from a file, through the following menu path:
 - System Admin
 - Network
 - Hosts
 - Import from Local File

However, the imported names are then displayed directly by the service, without being filtered. An attacker can thus create a file containing a computer list with embedded JavaScript, which is then inserted into the web pages generated by the service.

An attacker can therefore invite the victim to import a malicious file with ArcSight Connector or Logger, in order to execute JavaScript code in the victim's browser.
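
The import-and-display flaw described above is closed by validating names when the file is imported and encoding them when they are displayed. The following is an added example, not code from ArcSight or from this bulletin; the hosts-style file format (`IP name [alias ...]`), the sample data and all function names are assumptions.

```python
import html
import ipaddress
import re

# RFC 952/1123 label: letters, digits, hyphen; no leading/trailing hyphen; 1-63 chars.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")

def is_valid_hostname(name: str) -> bool:
    name = name.rstrip(".")
    if not name or len(name) > 253:
        return False
    return all(_LABEL.fullmatch(label) for label in name.split("."))

def parse_hosts_import(text: str):
    """Return (accepted, rejected) for a hosts-style import ("IP name [alias ...]").
    The file format is an assumption; the bulletin does not describe it."""
    accepted, rejected = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        try:
            ip = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            rejected.append((lineno, raw))
            continue
        names = fields[1:]
        if names and all(is_valid_hostname(n) for n in names):
            accepted.append((ip, names))
        else:
            rejected.append((lineno, raw))    # keep the raw line for the audit log
    return accepted, rejected

def render_hosts_table(entries) -> str:
    """Encode on output too, so a name stored before validation existed stays inert."""
    rows = ["<tr><td>%s</td><td>%s</td></tr>"
            % (html.escape(ip), html.escape(" ".join(names)))
            for ip, names in entries]
    return "<table>\n" + "\n".join(rows) + "\n</table>"

# Constructed sample import: line 3 carries markup in the name field.
SAMPLE = """\
# constructed sample
192.0.2.10 logger01.example.test logger01
192.0.2.11 <script>alert(1)</script>
2001:db8::5 connector.example.test
not-an-ip host.example.test
"""
```

Rejected lines are returned with their line numbers so the import can be refused or logged rather than silently trimmed.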