Local File Manipulation Vulnerability in HP ArcSight Connector Appliance
CVE-2011-2779

Currently unrated

Key Information:

Vendor: HP
Status: Arcsight C5400 Appliance; Arcsight C5200 Appliance; Arcsight C3200 Appliance; Arcsight C3400 Appliance
Vendor: CVE Published:; 19 July 2011

Summary

The HP ArcSight Connector Appliance's Windows Event Log SmartConnector versions prior to 6.1 contain a vulnerability due to the use of world-writable permissions on exported report files. This flaw enables local users to modify or delete critical log data by altering these files. Consequently, unauthorized modifications can compromise the integrity of the logging mechanism, posing a security risk for the overall system.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/68855

vdb-entryx_refsource_XF

http://www.kb.cert.org/vuls/id/122054

third-party-advisoryx_refsource_CERT-VN

Timeline

Vulnerability published
Jul 19, 2011
Vulnerability Reserved
Jul 19, 2011