Command injection

2015-11-0403:59:00

PRIOn knowledge base

www.prio-n.com

7.5 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.3%

JSON

HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Appliance 6.4.0.6881.3 use the root account to execute files owned by the arcsight user, which might allow local users to gain privileges by leveraging arcsight account access.

CPENameOperatorVersion
arcsight_command_centereq6.8.0.1896.0
arcsight_connector_appliancele6.4.0.6881.3
arcsight_connectorsle7.1.3
arcsight_expresseq4.0
arcsight_expresseq4.0 p1
arcsight_loggereq6.0.0.7307.1
arcsight_management_centerle2.0
arcsight_enterprise_security_managerle6.5

Name	Operator	Version
arcsight_command_center	eq	6.8.0.1896.0
arcsight_connector_appliance	le	6.4.0.6881.3
arcsight_connectors	le	7.1.3
arcsight_express	eq	4.0
arcsight_express	eq	4.0 p1
arcsight_logger	eq	6.0.0.7307.1
arcsight_management_center	le	2.0
arcsight_enterprise_security_manager	le	6.5