Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - HP ArcSight Connector Appliance and Logger Vulnerabilities InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

HP ArcSight Connector Appliance and Logger Vulnerabilities

Published: 2013-02-17
Last Updated: 2013-02-17 00:22:32 UTC
by Guy Bruneau (Version: 1)
0 comment(s)

If you are using HP ArcSight Connector Appliance (v6.3 and earlier) and Logger (v5.2 and earlier), some potential security vulnerabilities have been identified which could be remotely exploited to allow information disclosure, command injection and cross-site scripting (XSS).

HP recommend to contact support to request the current updates for ArcSight Connector Appliance (v6.4) and ArcSight Logger (v5.3) to resolve these issues. Additional information available here.

[1] http://h20565.www2.http.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03606700-1&ac.admitted=1361054958795.876444892.492883150

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

0 comment(s)
Diary Archives