CVE-2012-5199

2022-10-0316:15:30

[email protected]

web.nvd.nist.gov

cve-2012-5199

nvd

arcsight

connector appliance

logger

remote code execution

6.8 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.1%

JSON

Unspecified vulnerability in HP ArcSight Connector Appliance 6.3 and earlier and ArcSight Logger 5.2 and earlier allows remote authenticated users to execute arbitrary code via unknown vectors.

Affected configurations

NVD

Node

hparcsight_connector_appliance_firmwareRange≤6.3

hparcsight_connector_appliance_firmwareMatch6.0.0.60023.2

hparcsight_connector_appliance_firmwareMatch6.2.0.6244.0

AND

hparcsight_connector_applianceMatchc1400

hparcsight_connector_applianceMatchc3400

hparcsight_connector_applianceMatchc5400

Node

hparcsight_loggerRange≤5.2

CPENameOperatorVersion
hp:arcsight_connector_appliance_firmwarehp arcsight connector appliance firmwarele6.3
hp:arcsight_connector_appliance_firmwarehp arcsight connector appliance firmwareeq6.0.0.60023.2
hp:arcsight_connector_appliance_firmwarehp arcsight connector appliance firmwareeq6.2.0.6244.0
hp:arcsight_connector_appliancehp arcsight connector applianceeqc1400
hp:arcsight_connector_appliancehp arcsight connector applianceeqc3400
hp:arcsight_connector_appliancehp arcsight connector applianceeqc5400

CPE	Name	Operator	Version
hp:arcsight_connector_appliance_firmware	hp arcsight connector appliance firmware	le	6.3
hp:arcsight_connector_appliance_firmware	hp arcsight connector appliance firmware	eq	6.0.0.60023.2
hp:arcsight_connector_appliance_firmware	hp arcsight connector appliance firmware	eq	6.2.0.6244.0
hp:arcsight_connector_appliance	hp arcsight connector appliance	eq	c1400
hp:arcsight_connector_appliance	hp arcsight connector appliance	eq	c3400
hp:arcsight_connector_appliance	hp arcsight connector appliance	eq	c5400