HP ArcSight Connector Appliance and Logger Vulnerabilities

If you are using HP ArcSight Connector Appliance (v6.3 and earlier) and Logger (v5.2 and earlier), some potential security vulnerabilities have been identified which could be remotely exploited to allow information disclosure, command injection and cross-site scripting (XSS).

HP recommend to contact support to request the current updates for ArcSight Connector Appliance (v6.4) and ArcSight Logger (v5.3) to resolve these issues. Additional information available here.

[1] http://h20565.www2.http.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03606700-1&ac.admitted=1361054958795.876444892.492883150


Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu


528 Posts
ISC Handler
Feb 17th 2013

Sign Up for Free or Log In to start participating in the conversation!