Privilege Escalation in HP ArcSight Logger and Command Center Products
CVE-2015-6030

Currently unrated

Key Information:

Vendor: HP
Status: Arcsight Connector Appliance
Vendor: CVE Published:; 4 November 2015

Summary

HP ArcSight Logger, ArcSight Command Center, and ArcSight Connector Appliance have a vulnerability that allows local users to exploit the root account permissions to execute files owned by the arcsight user. This weakness may enable unauthorized privilege escalation, allowing attackers to gain elevated access and control over the affected systems.

References

http://www.securitytracker.com/id/1034073

vdb-entryx_refsource_SECTRACK

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/do...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1034072

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Nov 4, 2015
Vulnerability Reserved
Aug 14, 2015