Vulnerabilities > CVE-2012-5198 - Information Disclosure vulnerability in HP products

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
hp
nessus

Summary

Unspecified vulnerability in HP ArcSight Connector Appliance before 6.3 and ArcSight Logger 5.2 and earlier allows remote attackers to obtain sensitive information via unknown vectors.

Nessus

NASL familyMisc.
NASL idARCSIGHT_LOGGER_5_3_LOCAL.NASL
descriptionAccording to its self-reported version number, the version of HP ArcSight Logger installed on the remote host is affected by the following vulnerabilities : - An error exists related to handling host file imports that could allow cross-site scripting attacks. (CVE-2012-2960) - An unspecified error exists that could allow a remote attacker to inject commands. (CVE-2012-3286) - An unspecified error exists that could allow unspecified information disclosure. (CVE-2012-5198) - An unspecified error exists that could allow a local attacker to inject commands. (CVE-2012-5199)
last seen2020-06-01
modified2020-06-02
plugin id69444
published2013-07-11
reporterThis script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/69444
titleHP ArcSight Logger < 5.3 Multiple Vulnerabilities (credentialed check)