Hp: >> Arcsight C1300 Appliance Security Vulnerabilities
Windows Event Log SmartConnector in HP ArcSight Connector Appliance before 6.1 uses world-writable permissions for exported report files, which allows local users to change or delete log data by modifying a file, a different vulnerability than CVE-2011-0770.
CVSS Score
3.6
EPSS Score
0.001
Published
2011-07-19
Cross-site scripting (XSS) vulnerability in Windows Event Log SmartConnector in HP ArcSight Connector Appliance before 6.1 allows remote attackers to inject arbitrary web script or HTML via the Windows XP variable in a file.
CVSS Score
4.3
EPSS Score
0.013
Published
2011-07-19