HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Appliance 6.4.0.6881.3 use the root account to execute files owned by the arcsight user, which might allow local users to gain privileges by leveraging arcsight account access.
References
Link | Resource |
---|---|
http://www.kb.cert.org/vuls/id/842252 | Third Party Advisory US Government Resource |
http://www.securitytracker.com/id/1034072 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1034073 | Third Party Advisory VDB Entry |
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04872416 | Third Party Advisory |
http://www.kb.cert.org/vuls/id/842252 | Third Party Advisory US Government Resource |
http://www.securitytracker.com/id/1034072 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1034073 | Third Party Advisory VDB Entry |
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04872416 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
21 Nov 2024, 02:34
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.kb.cert.org/vuls/id/842252 - Third Party Advisory, US Government Resource | |
References | () http://www.securitytracker.com/id/1034072 - Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id/1034073 - Third Party Advisory, VDB Entry | |
References | () https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04872416 - Third Party Advisory |
Information
Published : 2015-11-04 03:59
Updated : 2024-11-21 02:34
NVD link : CVE-2015-6030
Mitre link : CVE-2015-6030
CVE.ORG link : CVE-2015-6030
JSON object : View
Products Affected
hp
- arcsight_connectors
- arcsight_express
- arcsight_connector_appliance
- arcsight_command_center
- arcsight_logger
- arcsight_management_center
microfocus
- arcsight_enterprise_security_manager
CWE
CWE-264
Permissions, Privileges, and Access Controls