File Download Vulnerability in HPE ArcSight ESM Products
CVE-2016-1991

8HIGH

Key Information:

Vendor

Microfocus
Status
Arcsight Enterprise Security Manager
Vendor
CVE Published:
16 March 2016

What is CVE-2016-1991?

HPE ArcSight ESM and ArcSight ESM Express products are susceptible to a vulnerability that allows remote authenticated users to perform unauthorized file download attacks. This issue arises from unspecified vectors and could lead to the unauthorized access of sensitive files and data, posing a significant risk to impacted systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/do...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1035282
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.