Skip to main content

Arcsight Logger

28 CVEs product

Monthly

CVE-2023-24470 CRITICAL Act Now

Potential XML External Entity Injection in ArcSight Logger versions prior to 7.3.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Arcsight Logger
NVD
CVSS 3.1
9.1
EPSS
0.9%
CVE-2023-24469 MEDIUM This Month

Potential Cross-Site Scripting in ArcSight Logger versions prior to 7.3.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Arcsight Logger
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-26331 MEDIUM This Month

Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure XSS Arcsight Logger
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-26330 HIGH This Week

Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure XSS Arcsight Logger
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2020-11851 CRITICAL Act Now

Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Arcsight Logger
NVD
CVSS 3.1
9.8
EPSS
2.8%
CVE-2020-25834 MEDIUM This Month

Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting version 7.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Arcsight Logger
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2020-11860 MEDIUM This Month

Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Arcsight Logger
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2020-11839 MEDIUM This Month

Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Logger product, affecting all version from 6.6.1 up to version 7.0.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Information Disclosure Arcsight Logger
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2019-11657 HIGH This Week

Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product versions below version 7.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Arcsight Logger
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2019-11656 MEDIUM This Month

Stored XSS vulnerability in Micro Focus ArcSight Logger, affects versions prior to Logger 6.7.1 HotFix 6.7.1.8262.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Arcsight Logger
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2019-11655 HIGH This Week

Unrestricted file upload vulnerability in Micro Focus ArcSight Logger, version 6.7.0 and later. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Arcsight Logger
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2019-3485 MEDIUM This Month

Mitigates a stored cross site scripting issue in ArcSight Logger versions prior to 6.7.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Arcsight Logger
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2019-3484 HIGH This Week

Mitigates a remote code execution issue in ArcSight Logger versions prior to 6.7. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Arcsight Logger
NVD
CVSS 3.0
7.8
EPSS
1.4%
CVE-2019-3483 MEDIUM This Month

Mitigates a potential information leakage issue in ArcSight Logger versions prior to 6.7. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Arcsight Logger
NVD
CVSS 3.0
6.5
EPSS
1.6%
CVE-2019-3482 MEDIUM This Month

Mitigates a directory traversal issue in ArcSight Logger versions prior to 6.7. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Arcsight Logger
NVD
CVSS 3.0
6.5
EPSS
4.2%
CVE-2019-3481 HIGH This Week

Mitigates a XML External Entity Parsing issue in ArcSight Logger versions prior to 6.7. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Arcsight Logger
NVD
CVSS 3.0
7.1
EPSS
1.7%
CVE-2019-3480 MEDIUM This Month

Mitigates a stored/reflected XSS issue in ArcSight Logger versions prior to 6.7. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Arcsight Logger
NVD
CVSS 3.0
6.1
EPSS
1.3%
CVE-2019-3479 CRITICAL Act Now

Mitigates a potential remote code execution issue in ArcSight Logger versions prior to 6.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Arcsight Logger
NVD
CVSS 3.0
9.8
EPSS
6.9%
CVE-2015-6864 MEDIUM PATCH This Month

HPE ArcSight Logger before 6.1P1 allows remote authenticated users to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

RCE Arcsight Logger
NVD
CVSS 3.0
6.3
EPSS
0.7%
CVE-2015-6863 HIGH PATCH This Week

HPE ArcSight Logger before 6.1P1 allows remote attackers to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Arcsight Logger
NVD
CVSS 3.0
7.3
EPSS
2.5%
CVE-2015-5441 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in HP ArcSight Management Center before 2.1 and ArcSight Logger before 6.1 allow remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS HP Archsight Management Center Arcsight Logger
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2015-6030 HIGH This Week

HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Appliance 6.4.0.6881.3 use the root account to execute files owned by the arcsight user, which might. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

HP Privilege Escalation Arcsight Connector Appliance Arcsight Logger Arcsight Command Center +4
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-6029 MEDIUM This Month

HP ArcSight Logger before 6.0 P2 does not limit attempts to authenticate to the SOAP interface, which makes it easier for remote attackers to obtain access via a brute-force approach. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP Information Disclosure Arcsight Logger
NVD
CVSS 2.0
5.0
EPSS
6.9%
CVE-2015-2136 MEDIUM This Month

HP ArcSight Logger before 6.0 P2 allows remote authenticated users to bypass the intended authorization policy via unspecified vectors. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP Information Disclosure Arcsight Logger
NVD
CVSS 2.0
4.0
EPSS
0.1%
CVE-2014-7884 CRITICAL POC THREAT Emergency

Multiple unspecified vulnerabilities in HP ArcSight Logger before 6.0P1 have unknown impact and remote authenticated attack vectors. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 23.2%.

HP Information Disclosure Arcsight Logger
NVD Exploit-DB
CVSS 2.0
9.0
EPSS
23.2%
Threat
4.0
CVE-2012-5199 MEDIUM This Month

Unspecified vulnerability in HP ArcSight Connector Appliance 6.3 and earlier and ArcSight Logger 5.2 and earlier allows remote authenticated users to execute arbitrary code via unknown vectors. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

HP RCE Arcsight Connector Appliance Firmware Arcsight Connector Appliance Arcsight Logger
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2012-5198 MEDIUM This Month

Unspecified vulnerability in HP ArcSight Connector Appliance before 6.3 and ArcSight Logger 5.2 and earlier allows remote attackers to obtain sensitive information via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Arcsight Connector Appliance Firmware Arcsight Connector Appliance Arcsight Logger
NVD
CVSS 2.0
5.0
EPSS
1.5%
CVE-2012-3286 MEDIUM This Month

Unspecified vulnerability in HP ArcSight Connector Appliance 6.3 and earlier and ArcSight Logger 5.2 and earlier allows remote authenticated users to obtain sensitive information, modify data, or. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Arcsight Connector Appliance Firmware Arcsight Connector Appliance Arcsight Logger
NVD
CVSS 2.0
6.5
EPSS
0.3%
EPSS 1% CVSS 9.1
CRITICAL Act Now

Potential XML External Entity Injection in ArcSight Logger versions prior to 7.3.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Arcsight Logger
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Potential Cross-Site Scripting in ArcSight Logger versions prior to 7.3.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Arcsight Logger
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure XSS Arcsight Logger
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure XSS Arcsight Logger
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Arcsight Logger
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting version 7.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Arcsight Logger
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Arcsight Logger
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Logger product, affecting all version from 6.6.1 up to version 7.0.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Information Disclosure Arcsight Logger
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product versions below version 7.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Arcsight Logger
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Stored XSS vulnerability in Micro Focus ArcSight Logger, affects versions prior to Logger 6.7.1 HotFix 6.7.1.8262.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Arcsight Logger
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Unrestricted file upload vulnerability in Micro Focus ArcSight Logger, version 6.7.0 and later. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Arcsight Logger
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Mitigates a stored cross site scripting issue in ArcSight Logger versions prior to 6.7.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Arcsight Logger
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Mitigates a remote code execution issue in ArcSight Logger versions prior to 6.7. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Arcsight Logger
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Mitigates a potential information leakage issue in ArcSight Logger versions prior to 6.7. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Arcsight Logger
NVD
EPSS 4% CVSS 6.5
MEDIUM This Month

Mitigates a directory traversal issue in ArcSight Logger versions prior to 6.7. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Arcsight Logger
NVD
EPSS 2% CVSS 7.1
HIGH This Week

Mitigates a XML External Entity Parsing issue in ArcSight Logger versions prior to 6.7. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Arcsight Logger
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Mitigates a stored/reflected XSS issue in ArcSight Logger versions prior to 6.7. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Arcsight Logger
NVD
EPSS 7% CVSS 9.8
CRITICAL Act Now

Mitigates a potential remote code execution issue in ArcSight Logger versions prior to 6.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Arcsight Logger
NVD
EPSS 1% CVSS 6.3
MEDIUM PATCH This Month

HPE ArcSight Logger before 6.1P1 allows remote authenticated users to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

RCE Arcsight Logger
NVD
EPSS 2% CVSS 7.3
HIGH PATCH This Week

HPE ArcSight Logger before 6.1P1 allows remote attackers to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Arcsight Logger
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in HP ArcSight Management Center before 2.1 and ArcSight Logger before 6.1 allow remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS HP Archsight Management Center +1
NVD
EPSS 0% CVSS 7.2
HIGH This Week

HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Appliance 6.4.0.6881.3 use the root account to execute files owned by the arcsight user, which might. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

HP Privilege Escalation Arcsight Connector Appliance +6
NVD
EPSS 7% CVSS 5.0
MEDIUM This Month

HP ArcSight Logger before 6.0 P2 does not limit attempts to authenticate to the SOAP interface, which makes it easier for remote attackers to obtain access via a brute-force approach. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP Information Disclosure Arcsight Logger
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

HP ArcSight Logger before 6.0 P2 allows remote authenticated users to bypass the intended authorization policy via unspecified vectors. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP Information Disclosure Arcsight Logger
NVD
EPSS 23% 4.0 CVSS 9.0
CRITICAL POC THREAT Emergency

Multiple unspecified vulnerabilities in HP ArcSight Logger before 6.0P1 have unknown impact and remote authenticated attack vectors. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 23.2%.

HP Information Disclosure Arcsight Logger
NVD Exploit-DB
EPSS 0% CVSS 6.8
MEDIUM This Month

Unspecified vulnerability in HP ArcSight Connector Appliance 6.3 and earlier and ArcSight Logger 5.2 and earlier allows remote authenticated users to execute arbitrary code via unknown vectors. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

HP RCE Arcsight Connector Appliance Firmware +2
NVD
EPSS 2% CVSS 5.0
MEDIUM This Month

Unspecified vulnerability in HP ArcSight Connector Appliance before 6.3 and ArcSight Logger 5.2 and earlier allows remote attackers to obtain sensitive information via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Arcsight Connector Appliance Firmware +2
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Unspecified vulnerability in HP ArcSight Connector Appliance 6.3 and earlier and ArcSight Logger 5.2 and earlier allows remote authenticated users to obtain sensitive information, modify data, or. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Arcsight Connector Appliance Firmware +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy