CVE-2018-6501

{"id": "CVE-2018-6501", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2018-09-20T16:29:00.573", "references": [{"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03245142", "source": "security@opentext.com"}, {"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03245142", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Potential security vulnerability of Insufficient Access Controls has been identified in ArcSight Management Center (ArcMC) for versions prior to 2.81. This vulnerability could be exploited to allow for insufficient access controls."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad potencial de seguridad de controles de acceso insuficientes en ArcSight Management Center (ArcMC) en versiones anteriores a la 2.81. La vulnerabilidad podr\u00eda ser explotada para permitir controles de acceso insuficientes."}], "lastModified": "2024-11-21T04:10:47.197", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hp:arcsight_management_center:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF00B914-33FF-44F3-B862-9498CB32636A", "versionEndExcluding": "2.81"}], "operator": "OR"}]}], "sourceIdentifier": "security@opentext.com"}