Vulnerabilities > CVE-2012-5198 - Information Disclosure vulnerability in HP products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Unspecified vulnerability in HP ArcSight Connector Appliance before 6.3 and ArcSight Logger 5.2 and earlier allows remote attackers to obtain sensitive information via unknown vectors.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 2 | |
Hardware | 3 | |
Application | 1 |
Nessus
NASL family | Misc. |
NASL id | ARCSIGHT_LOGGER_5_3_LOCAL.NASL |
description | According to its self-reported version number, the version of HP ArcSight Logger installed on the remote host is affected by the following vulnerabilities : - An error exists related to handling host file imports that could allow cross-site scripting attacks. (CVE-2012-2960) - An unspecified error exists that could allow a remote attacker to inject commands. (CVE-2012-3286) - An unspecified error exists that could allow unspecified information disclosure. (CVE-2012-5198) - An unspecified error exists that could allow a local attacker to inject commands. (CVE-2012-5199) |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 69444 |
published | 2013-07-11 |
reporter | This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/69444 |
title | HP ArcSight Logger < 5.3 Multiple Vulnerabilities (credentialed check) |