Expired Domain Vulnerability in OpenText ArcSight Enterprise Security Manager
CVE-2025-2517

2.3LOW

Key Information:

Vendor: Opentext
Status: Arcsight Enterprise Security Manager
Vendor: CVE Published:; 21 April 2025

What is CVE-2025-2517?

The vulnerability in OpenText ArcSight Enterprise Security Manager exposes systems to security risks due to reliance on expired domain references. This flaw can lead to potential access issues and undermine the integrity of security operations. Organizations using this software should review their configurations to ensure domain references remain valid and secure.

Affected Version(s)

ArcSight Enterprise Security Manager 0 <= 7.6.6

ArcSight Enterprise Security Manager 7.7.0 <= 7.7.1

References

https://portal.microfocus.com/s/article/KM000040103

vendor-advisory

CVSS V4

Score:

2.3

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 21, 2025
Vulnerability Reserved
Mar 19, 2025

Opentext

What is CVE-2025-2517?

Affected Version(s)

References

CVSS V4

Timeline