Information Disclosure and Data Manipulation in HP ArcSight Products
CVE-2012-3286

Currently unrated

Key Information:

Vendor: HP
Status: Arcsight Connector Appliance Firmware; Arcsight Connector Appliance
Vendor: CVE Published:; 16 February 2013

Summary

An unspecified vulnerability in HP ArcSight Connector Appliance (version 6.3 and earlier) and ArcSight Logger (version 5.2 and earlier) allows remote authenticated users to access sensitive information, alter data, or trigger denial of service conditions. This vulnerability exposes critical data and functionality that could be misused by malicious actors, necessitating timely intervention and remediation by users.

References

http://www.kb.cert.org/vuls/id/829260

third-party-advisoryx_refsource_CERT-VN

http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/...

vendor-advisoryx_refsource_HP

http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/...

vendor-advisoryx_refsource_HP

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Feb 16, 2013