CVE-2017-13989

An improper access control vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows unauthorized users to retrieve or modify storage information.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.0:*:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.0c:*:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.5:*:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.5:sp1:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.5c:*:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.5c:sp1:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.8:*:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.8c:*:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.9.0c:*:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.9.1c:*:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.9.1c:p1:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.9.1c:p2:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.9.1c:p3:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager:6.11.0:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.0:*:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.0c:*:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.5:*:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.5:sp1:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.5c:*:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.5c:sp1:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.8:*:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.8c:*:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.9.0:*:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.9.1c:*:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.9.1c:p1:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.9.1c:p2:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.9.1c:p3:*:*:*:*:*:*
cpe:2.3:a:hp:arcsight_enterprise_security_manager_express:6.11.0:*:*:*:*:*:*:*

History

21 Nov 2024, 03:11

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/100935 - () http://www.securityfocus.com/bid/100935 -
References () https://softwaresupport.hpe.com/km/KM02944672 - () https://softwaresupport.hpe.com/km/KM02944672 -

07 Nov 2023, 02:38

Type Values Removed Values Added
References (BID) http://www.securityfocus.com/bid/100935 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/100935 -
References (CONFIRM) https://softwaresupport.hpe.com/km/KM02944672 - Permissions Required () https://softwaresupport.hpe.com/km/KM02944672 -

Information

Published : 2017-09-30 01:29

Updated : 2024-11-21 03:11


NVD link : CVE-2017-13989

Mitre link : CVE-2017-13989

CVE.ORG link : CVE-2017-13989


JSON object : View

Products Affected

hp

  • arcsight_enterprise_security_manager
  • arcsight_enterprise_security_manager_express