Arbitrary Code Execution Vulnerability in HPE ArcSight Logger

CVE-2015-6864

What is CVE-2015-6864?

HPE ArcSight Logger prior to version 6.1P1 contains a significant security vulnerability that allows remote authenticated users to execute arbitrary code. This issue arises due to insufficient validation of user input, specifically within the Intellicus and client-certificate upload components. Exploitation of this vulnerability could lead to unauthorized actions and potential compromise of system integrity.

References