CVE-2023-24470

2023-06-1300:00:00

OpenText

www.cve.org

arcsight logger

xml external entity injection

security vulnerability

9.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.9%

JSON

Potential XML External Entity Injection in ArcSight Logger versions prior to 7.3.0.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "ArcSight Logger",
    "versions": [
      {
        "version": "versions prior to 7.3.0",
        "status": "affected"
      }
    ]
  }
]

References

portal.microfocus.com/s/article/KM000018224?language=en_US

www.microfocus.com/documentation/arcsight/logger-7.3/logger-7.3-release-notes/

www.microfocus.com/support/downloads/%2C