Vulnerabilities > HP > Arcsight Enterprise Security Manager Express > 6.9.0c
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-10-31 | CVE-2017-14358 | Open Redirect vulnerability in HP products A URL redirection to untrusted site vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. | 6.1 |
2017-10-31 | CVE-2017-14357 | Cross-site Scripting vulnerability in HP products A Reflected and Stored Cross-Site Scripting (XSS) vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. | 6.1 |
2017-10-31 | CVE-2017-14356 | SQL Injection vulnerability in HP products An SQL Injection vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. | 9.8 |