7.2
CVE-2015-6030
- EPSS 0.98%
- Veröffentlicht 04.11.2015 03:59:08
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle cret@cert.org
- Teams Watchlist Login
- Unerledigt Login
HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Appliance 6.4.0.6881.3 use the root account to execute files owned by the arcsight user, which might allow local users to gain privileges by leveraging arcsight account access.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hp ≫ Arcsight Connector Appliance Version <= 6.4.0.6881.3
Hp ≫ Arcsight Logger Version6.0.0.7307.1
Hp ≫ Arcsight Command Center Version6.8.0.1896.0
Hp ≫ Arcsight Connectors Version <= 7.1.3
Hp ≫ Arcsight Express Version4.0
Hp ≫ Arcsight Express Version4.0 Updatep1
Hp ≫ Arcsight Management Center Updatep1 Version <= 2.0
Microfocus ≫ Arcsight Enterprise Security Manager Version <= 6.5
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.98% | 0.757 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|