7.2
CVE-2015-6030
- EPSS 0.98%
- Published 04.11.2015 03:59:08
- Last modified 12.04.2025 10:46:40
- Source cret@cert.org
- Teams watchlist Login
- Open Login
HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Appliance 6.4.0.6881.3 use the root account to execute files owned by the arcsight user, which might allow local users to gain privileges by leveraging arcsight account access.
Data is provided by the National Vulnerability Database (NVD)
Hp ≫ Arcsight Connector Appliance Version <= 6.4.0.6881.3
Hp ≫ Arcsight Logger Version6.0.0.7307.1
Hp ≫ Arcsight Command Center Version6.8.0.1896.0
Hp ≫ Arcsight Connectors Version <= 7.1.3
Hp ≫ Arcsight Express Version4.0
Hp ≫ Arcsight Express Version4.0 Updatep1
Hp ≫ Arcsight Management Center Updatep1 Version <= 2.0
Microfocus ≫ Arcsight Enterprise Security Manager Version <= 6.5
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.98% | 0.757 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|