The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of MicroFocus ArcSight Logger

computer vulnerability alert CVE-2012-2960

HP ArcSight Connector, Logger: Cross Site Scripting

Synthesis of the vulnerability

An attacker can invite the victim to import a malicious file with ArcSight Connector or Logger, in order to execute JavaScript code in his browser.
Impacted products: ArcSight Connector, ArcSight Logger.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 07/08/2012.
Identifiers: BID-54824, c03606700, CVE-2012-2960, HPSBMU02836, SSRT100864, VIGILANCE-VUL-11826, VU#960468.

Description of the vulnerability

The ArcSight Connector and Logger products allow the administrator to import a list of computers from a file:
 - System Admin
 - Network
 - Hosts
 - Import from Local File

However, imported names are then directly displayed by the service, without being filtered. An attacker can thus create a file containing a computer list with JavaScript, which is then inserted in web pages generated by the service.

An attacker can therefore invite the victim to import a malicious file with ArcSight Connector or Logger, in order to execute JavaScript code in his browser.
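
A defensive sketch of the fix for this class of bug, as an added example (not HP's patch and not code from the bulletin): validate every imported entry, and HTML-encode it again when it is displayed. The hosts-style line format (`IP name [alias ...]`), the function names and the sample data are assumptions, since the bulletin does not describe the file format.

```python
import html
import ipaddress
import re

# RFC 1123 label: letters, digits, hyphens; no leading or trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")

def is_valid_hostname(name):
    """Accept only RFC 1123 host names (total length <= 253)."""
    if not name or len(name) > 253:
        return False
    return all(_LABEL.fullmatch(p) for p in name.rstrip(".").split("."))

def parse_hosts_import(text):
    """Return (accepted, rejected) for assumed lines 'IP name [alias ...]'."""
    accepted, rejected = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments and blanks
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            rejected.append((lineno, raw))
            continue
        names = fields[1:]
        if not names or not all(is_valid_hostname(n) for n in names):
            rejected.append((lineno, raw))    # markup never reaches storage
            continue
        accepted.append((str(ip), names))
    return accepted, rejected

def render_row(ip, names):
    """Encode on output too, so data stored before the check stays inert."""
    cells = [html.escape(ip), html.escape(" ".join(names))]
    return "<tr>" + "".join(f"<td>{c}</td>" for c in cells) + "</tr>"

# Constructed sample import file (not taken from the bulletin).
SAMPLE = """\
# constructed sample import file
10.0.0.5 logger01.example.com logger01
10.0.0.6 <script>alert(1)</script>
10.0.0.7 bad"name
not-an-ip host.example.com
"""

if __name__ == "__main__":
    ok, bad = parse_hosts_import(SAMPLE)
    print("accepted:", ok)
    print("rejected lines:", [n for n, _ in bad])
```

Rejected lines should be reported to the administrator rather than silently dropped, so that a tampered import file is noticed.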