High severity8.0NVD Advisory· Published Mar 16, 2016· Updated Jun 17, 2026
CVE-2016-1991
CVE-2016-1991
Description
HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to conduct unspecified "file download" attacks via unknown vectors.
Affected products
7cpe:2.3:a:microfocus:arcsight_enterprise_security_manager:*:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:microfocus:arcsight_enterprise_security_manager:*:*:*:*:*:*:*:*range: >=5.0,<=5.6
- cpe:2.3:a:microfocus:arcsight_enterprise_security_manager:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:microfocus:arcsight_enterprise_security_manager:6.5:*:*:*:*:*:*:*
- cpe:2.3:a:microfocus:arcsight_enterprise_security_manager:6.8:*:*:*:*:*:*:*
- cpe:2.3:a:microfocus:arcsight_enterprise_security_manager:6.9:*:*:*:express:*:*:*
- Range: 5.x <5.6, 6.0, 6.5.x <6.5C SP1 Patch 2, 6.8c <P1
- Range: <6.9.1
Patches
Vulnerability mechanics
References
2- h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplaynvdPatchVendor Advisory
- www.securitytracker.com/id/1035282nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.