VYPR

ArcSight ESM Express

by HPE

CVEs (3)

  • CVE-2017-13989HigSep 30, 2017
    risk 0.53cvss 8.1epss 0.01

    An improper access control vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows unauthorized users to retrieve or modify storage information.

  • CVE-2016-1991HigMar 16, 2016
    risk 0.52cvss 8.0epss 0.02

    HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to conduct unspecified "file download" attacks via unknown vectors.

  • CVE-2016-1990HigMar 16, 2016
    risk 0.51cvss 7.8epss 0.00

    HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows local users to gain privileges for command execution via unspecified vectors.