Vulnerabilities > HP > Arcsight Management Center

DATE CVE VULNERABILITY TITLE RISK
2019-07-25 CVE-2019-3486 Cross-site Scripting vulnerability in HP Arcsight Management Center 2.0
Mitigates a stored cross site scripting issue in ArcSight Security Management Center versions prior to 2.9.1
network
low complexity
hp CWE-79
6.1
6.1
2018-09-20 CVE-2018-6505 Unspecified vulnerability in HP Arcsight Management Center 2.0/2.9.1
A potential Unauthenticated File Download vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81.
network
low complexity
hp
7.5
7.5
2018-09-20 CVE-2018-6503 Unspecified vulnerability in HP Arcsight Management Center 2.0/2.9.1
A potential Access Control vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81.
network
low complexity
hp
6.5
6.5
2018-09-20 CVE-2018-6502 Cross-site Scripting vulnerability in HP Arcsight Management Center 2.0/2.9.1
A potential Reflected Cross-Site Scripting (XSS) Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81.
network
low complexity
hp CWE-79
6.1
6.1
2018-09-20 CVE-2018-6501 Unspecified vulnerability in HP Arcsight Management Center 2.0/2.9.1
Potential security vulnerability of Insufficient Access Controls has been identified in ArcSight Management Center (ArcMC) for versions prior to 2.81.
network
low complexity
hp
6.5
6.5
2018-09-20 CVE-2018-6500 Path Traversal vulnerability in HP Arcsight Management Center 2.0/2.9.1
A potential Directory Traversal Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81.
network
low complexity
hp CWE-22
7.5
7.5
2015-11-04 CVE-2015-6030 Permissions, Privileges, and Access Controls vulnerability in multiple products
HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Appliance 6.4.0.6881.3 use the root account to execute files owned by the arcsight user, which might allow local users to gain privileges by leveraging arcsight account access.
local
low complexity
hp microfocus CWE-264
7.2
7.2