Описание
HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows local users to gain privileges for command execution via unspecified vectors.
Ссылки
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.6 (включая)
Одно из
cpe:2.3:a:microfocus:arcsight_enterprise_security_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:arcsight_enterprise_security_manager:6.0:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:arcsight_enterprise_security_manager:6.5:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:arcsight_enterprise_security_manager:6.8:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:arcsight_enterprise_security_manager:6.9:*:*:*:express:*:*:*
EPSS
Процентиль: 28%
0.00099
Низкий
7.8 High
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows local users to gain privileges for command execution via unspecified vectors.
EPSS
Процентиль: 28%
0.00099
Низкий
7.8 High
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-264