Computer Security
[EN] securityvulns.ru no-pyccku


HP ArcSight Logger security vulnerabilities
updated since 15.09.2015
Published:26.10.2015
Source:
SecurityVulns ID:14693
Type:remote
Threat Level:
5/10
Description:Authentication bypass, information disclosure.
Affected:HP : ArcSight Logger 6.0
CVE:CVE-2015-6029 (HP ArcSight Logger before 6.0 P2 does not limit attempts to authenticate to the SOAP interface, which makes it easier for remote attackers to obtain access via a brute-force approach.)
 CVE-2015-2136 (HP ArcSight Logger before 6.0 P2 allows remote authenticated users to bypass the intended authorization policy via unspecified vectors.)
Original documentdocumentHP, [security bulletin] HPSBGN03429 rev.1 - HP Arcsight Logger, Remote Disclosure of Information (26.10.2015)
 documentHP, [security bulletin] HPSBMU03392 rev.2 - HP ArcSight Logger, Remote Authorization Bypass (15.09.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod