Vulnerabilities > CVE-2015-2903 - Unspecified vulnerability in HP Arcsight Smartconnectors
Attack vector
LOCAL Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE local
hp
Summary
The CWSAPI SOAP service in HP ArcSight SmartConnectors before 7.1.6 has a hardcoded password, which makes it easier for remote attackers to obtain administrative access by leveraging knowledge of this password. <a href="http://cwe.mitre.org/data/definitions/798.html" target="_blank">CWE-798: Use of Hard-coded Credentials</a>
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |