VYPR
High severity8.0NVD Advisory· Published Mar 16, 2016· Updated Jun 17, 2026

CVE-2016-1991

CVE-2016-1991

Description

HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to conduct unspecified "file download" attacks via unknown vectors.

Affected products

7
  • cpe:2.3:a:microfocus:arcsight_enterprise_security_manager:*:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:microfocus:arcsight_enterprise_security_manager:*:*:*:*:*:*:*:*range: >=5.0,<=5.6
    • cpe:2.3:a:microfocus:arcsight_enterprise_security_manager:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microfocus:arcsight_enterprise_security_manager:6.5:*:*:*:*:*:*:*
    • cpe:2.3:a:microfocus:arcsight_enterprise_security_manager:6.8:*:*:*:*:*:*:*
    • cpe:2.3:a:microfocus:arcsight_enterprise_security_manager:6.9:*:*:*:express:*:*:*
  • HPE/ArcSight ESMllm-fuzzy
    Range: 5.x <5.6, 6.0, 6.5.x <6.5C SP1 Patch 2, 6.8c <P1
  • Range: <6.9.1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.