Vulnerabilities > Microfocus > Arcsight Enterprise Security Manager > 7.4

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-14	CVE-2021-38126	Cross-site Scripting vulnerability in Microfocus Arcsight Enterprise Security Manager 7.4/7.5 Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. network low complexity microfocus CWE-79	6.1
2022-01-14	CVE-2021-38127	Cross-site Scripting vulnerability in Microfocus Arcsight Enterprise Security Manager 7.4/7.5 Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. network low complexity microfocus CWE-79	6.1
2021-09-28	CVE-2021-38124	Command Injection vulnerability in Microfocus Arcsight Enterprise Security Manager 7.4/7.5 Remote Code Execution vulnerability in Micro Focus ArcSight Enterprise Security Manager (ESM) product, affecting versions 7.0.2 through 7.5. network low complexity microfocus CWE-77 critical	9.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.