VYPR
Medium severity6.1NVD Advisory· Published Oct 31, 2017· Updated Jun 17, 2026

CVE-2017-14358

CVE-2017-14358

Description

A URL redirection to untrusted site vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited remotely to allow URL redirection to untrusted site.

Affected products

32
  • cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.0:*:*:*:*:*:*:*+ 13 more
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.0c:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.11.0:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.5:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.5c:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.5c:sp1:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.5:sp1:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.8:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.8c:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.9.0c:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.9.1c:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.9.1c:p1:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.9.1c:p2:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.9.1c:p3:*:*:*:*:*:*
  • cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.0:*:*:*:*:*:*:*+ 13 more
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.0c:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.11.0:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.5:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.5c:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.5c:sp1:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.5:sp1:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.8:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.8c:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.9.0c:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.9.1c:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.9.1c:p1:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.9.1c:p2:*:*:*:*:*:*
    • cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.9.1c:p3:*:*:*:*:*:*
  • Range: <6.9.1c Patch 4 or <6.11.0 Patch 1
  • Range: <6.9.1c Patch 4 or <6.11.0 Patch 1
  • Micro Focus/HP ArcSight ESMv5
    Range: Any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1
  • Micro Focus/HP ArcSight ESM Expressv5
    Range: Any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.