2017-09-30 03:29:01 2017-10-06 16:10:56

An improper access control vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows unauthorized users to retrieve or modify storage information.

Vector

NETWORK

Complexity

LOW

Authentication

SINGLE_INSTANCE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

NONE
Hp Arcsight enterprise security manager express 6.9.1c P2 (not an official CPE) Hp Arcsight enterprise security manager 6.8c (not an official CPE) Hp Arcsight enterprise security manager express 6.9.1c P1 (not an official CPE) Hp Arcsight enterprise security manager 6.11.0 (not an official CPE) Hp Arcsight enterprise security manager express 6.9.1c P3 (not an official CPE) Hp Arcsight enterprise security manager express 6.8 (not an official CPE) Hp Arcsight enterprise security manager 6.0c (not an official CPE) Hp Arcsight enterprise security manager express 6.5c (not an official CPE) Hp Arcsight enterprise security manager 6.9.1c (not an official CPE) Hp Arcsight enterprise security manager 6.0 (not an official CPE) Hp Arcsight enterprise security manager express 6.11.0 (not an official CPE) Hp Arcsight enterprise security manager express 6.9.1c (not an official CPE) Hp Arcsight enterprise security manager express 6.0c (not an official CPE) Hp Arcsight enterprise security manager 6.5 (not an official CPE) Hp Arcsight enterprise security manager express 6.5c Sp1 (not an official CPE) Hp Arcsight enterprise security manager express 6.8c (not an official CPE) Hp Arcsight enterprise security manager 6.5c Sp1 (not an official CPE) Hp Arcsight enterprise security manager 6.9.0c (not an official CPE) Hp Arcsight enterprise security manager express 6.9.0 (not an official CPE) Hp Arcsight enterprise security manager express 6.5 Sp1 (not an official CPE) Hp Arcsight enterprise security manager 6.8 (not an official CPE) Hp Arcsight enterprise security manager express 6.5 (not an official CPE) Hp Arcsight enterprise security manager 6.5c (not an official CPE) Hp Arcsight enterprise security manager 6.9.1c P3 (not an official CPE) Hp Arcsight enterprise security manager 6.9.1c P2 (not an official CPE) Hp Arcsight enterprise security manager 6.9.1c P1 (not an official CPE) Hp Arcsight enterprise security manager express 6.0 (not an official CPE) Hp Arcsight enterprise security manager 6.5 Sp1 (not an official CPE)