VYPR

Arcsight Management Center

by Microfocus

CVEs (13)

  • CVE-2018-6504HigSep 20, 2018
    risk 0.57cvss 8.8epss 0.01

    A potential Cross-Site Request Forgery (CSRF) vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for Cross-Site Request Forgery (CSRF).

  • CVE-2018-6505HigSep 20, 2018
    risk 0.49cvss 7.5epss 0.03

    A potential Unauthenticated File Download vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for Unauthenticated File Downloads.

  • CVE-2018-6500HigSep 20, 2018
    risk 0.49cvss 7.5epss 0.04

    A potential Directory Traversal Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be remotely exploited to allow Directory Traversal.

  • CVE-2018-6502MedSep 20, 2018
    risk 0.42cvss 6.5epss 0.01

    A potential Reflected Cross-Site Scripting (XSS) Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for Reflected Cross-site Scripting (XSS).

  • CVE-2024-9841Nov 8, 2024
    risk 0.00cvss epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Management Center and ArcSight Platform. The vulnerability could be remotely exploited.

  • CVE-2020-25835Dec 9, 2023
    risk 0.00cvss epss 0.00

    A potential vulnerability has been identified in Micro Focus ArcSight Management Center. The vulnerability could be remotely exploited resulting in stored Cross-Site Scripting (XSS).

  • CVE-2023-32267Aug 11, 2023
    risk 0.00cvss epss 0.00

    A potential vulnerability has been identified in OpenText / Micro Focus ArcSight Management Center. The vulnerability could be remotely exploited.

  • CVE-2020-11848Aug 19, 2020
    risk 0.00cvss epss 0.01

    Denial of service vulnerability on Micro Focus ArcSight Management Center. Affecting all versions prior to version 2.9.5. The vulnerability could cause the server to become unavailable, causing a denial of service.

  • CVE-2020-11841Jun 16, 2020
    risk 0.00cvss epss 0.01

    Unauthorized information disclosure vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting unauthorized information disclosure.

  • CVE-2020-11838Jun 16, 2020
    risk 0.00cvss epss 0.01

    Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure.

  • CVE-2020-11840Jun 16, 2020
    risk 0.00cvss epss 0.01

    Unauthorized information disclosure vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting unauthorized information disclosure.

  • CVE-2015-5441Nov 12, 2015
    risk 0.00cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in HP ArcSight Management Center before 2.1 and ArcSight Logger before 6.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2015-6030Nov 4, 2015
    risk 0.00cvss epss 0.01

    HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Appliance 6.4.0.6881.3 use the root account to execute files owned by the arcsight user, which might allow local users to gain privileges by leveraging arcsight account access.