Vulnerabilities > Microfocus > Arcsight Enterprise Security Manager > 6.8
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-03-16 | CVE-2016-1991 | Arbitrary File Download vulnerability in HP ArcSight ESM and ArcSight ESM Express HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to conduct unspecified "file download" attacks via unknown vectors. network microfocus | 6.0 |
2016-03-16 | CVE-2016-1990 | Permissions, Privileges, and Access Controls vulnerability in Microfocus Arcsight Enterprise Security Manager HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows local users to gain privileges for command execution via unspecified vectors. | 4.3 |