Potential Remote Vulnerability Identified in OpenText/Micro Focus ArcSight Enterprise Security Manager (ESM)
CVE-2024-0967

4.3MEDIUM

Key Information:

Vendor: Opentext
Status: Arcsight Enterprise Security Manager
Vendor: CVE Published:; 1 March 2024

Badges

👾 Exploit Exists

What is CVE-2024-0967?

A vulnerability has been identified in OpenText / Micro Focus ArcSight Enterprise Security Manager (ESM) that allows for potential remote exploitation. This issue presents a risk to users who rely on this platform for managing security events and information. Proper maintenance and timely updates are essential for mitigating this risk and ensuring continued security integrity.

Affected Version(s)

ArcSight Enterprise Security Manager 0 < 24.1 (7.7.0)

References

https://portal.microfocus.com/s/article/KM000027060

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Mar 2, 2024
👾
Exploit known to exist
Mar 2, 2024
Vulnerability published
Mar 1, 2024
Vulnerability Reserved
Jan 26, 2024