Vulnerabilities > CVE-2015-2903 - Unspecified vulnerability in HP Arcsight Smartconnectors
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The CWSAPI SOAP service in HP ArcSight SmartConnectors before 7.1.6 has a hardcoded password, which makes it easier for remote attackers to obtain administrative access by leveraging knowledge of this password.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://www.kb.cert.org/vuls/id/350508
- http://www.kb.cert.org/vuls/id/350508
- http://www.securitytracker.com/id/1034078
- http://www.securitytracker.com/id/1034078
- https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04850932
- https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04850932