CVE-2015-6029

Currently unrated

Key Information:

Vendor: HP
Status: Arcsight Logger
Vendor: CVE Published:; 4 November 2015

Summary

HP ArcSight Logger before 6.0 P2 does not limit attempts to authenticate to the SOAP interface, which makes it easier for remote attackers to obtain access via a brute-force approach.

References

http://www.securityfocus.com/bid/77128

vdb-entryx_refsource_BID

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId...

x_refsource_CONFIRM

http://www.kb.cert.org/vuls/id/842252

third-party-advisoryx_refsource_CERT-VN

Timeline

Vulnerability published
Nov 4, 2015
Vulnerability Reserved
Aug 14, 2015