Search criteria
27 vulnerabilities found for arcsight_logger by microfocus
FKIE_CVE-2023-24470
Vulnerability from fkie_nvd - Published: 2023-06-13 23:15 - Updated: 2025-01-06 16:15
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Summary
Potential XML External Entity Injection in ArcSight Logger versions prior to 7.3.0.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microfocus | arcsight_logger | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microfocus:arcsight_logger:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD67067-7EA5-42E2-ACFC-C60145650DE7",
"versionEndExcluding": "7.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Potential XML External Entity Injection in ArcSight Logger versions prior to 7.3.0."
}
],
"id": "CVE-2023-24470",
"lastModified": "2025-01-06T16:15:24.590",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-06-13T23:15:08.937",
"references": [
{
"source": "security@opentext.com",
"tags": [
"Vendor Advisory"
],
"url": "https://portal.microfocus.com/s/article/KM000018224?language=en_US"
},
{
"source": "security@opentext.com",
"tags": [
"Release Notes"
],
"url": "https://www.microfocus.com/documentation/arcsight/logger-7.3/logger-7.3-release-notes/"
},
{
"source": "security@opentext.com",
"url": "https://www.microfocus.com/support/downloads/%2C"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://portal.microfocus.com/s/article/KM000018224?language=en_US"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.microfocus.com/documentation/arcsight/logger-7.3/logger-7.3-release-notes/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.microfocus.com/support/downloads/%2C"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-24469
Vulnerability from fkie_nvd - Published: 2023-06-13 22:15 - Updated: 2025-01-03 19:15
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Potential Cross-Site Scripting in ArcSight Logger versions prior to 7.3.0
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microfocus | arcsight_logger | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microfocus:arcsight_logger:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C8F5467-FB16-4E3C-9D26-70937C1E511E",
"versionEndIncluding": "7.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Potential Cross-Site Scripting in ArcSight Logger versions prior to 7.3.0"
}
],
"id": "CVE-2023-24469",
"lastModified": "2025-01-03T19:15:09.590",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-06-13T22:15:09.317",
"references": [
{
"source": "security@opentext.com",
"url": "https://portal.microfocus.com/s/article/KM000018224?language=en_US%2C"
},
{
"source": "security@opentext.com",
"tags": [
"Release Notes"
],
"url": "https://www.microfocus.com/documentation/arcsight/logger-7.3/logger-7.3-release-notes/"
},
{
"source": "security@opentext.com",
"tags": [
"Not Applicable"
],
"url": "https://www.microfocus.com/support/downloads/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://portal.microfocus.com/s/article/KM000018224?language=en_US%2C"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.microfocus.com/documentation/arcsight/logger-7.3/logger-7.3-release-notes/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "https://www.microfocus.com/support/downloads/"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-26330
Vulnerability from fkie_nvd - Published: 2022-08-31 16:15 - Updated: 2024-11-21 06:53
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microfocus | arcsight_logger | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microfocus:arcsight_logger:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E99C813-D5CB-40D8-AA6F-7BF5454BBB28",
"versionEndExcluding": "7.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
},
{
"lang": "es",
"value": "Se han identificado posibles vulnerabilidades en Micro Focus ArcSight Logger. Las vulnerabilidades podr\u00edan explotarse de forma remota, resultando en una Divulgaci\u00f3n de Informaci\u00f3n o ataques de tipo Cross-Site Scripting (XSS) propios. Este problema afecta a: Micro Focus ArcSight Logger versiones anteriores a v7.2.2 y versiones anteriores"
}
],
"id": "CVE-2022-26330",
"lastModified": "2024-11-21T06:53:45.693",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "security@opentext.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-31T16:15:10.237",
"references": [
{
"source": "security@opentext.com",
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
},
{
"source": "security@opentext.com",
"url": "https://www.microfocus.com/support/downloads/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.microfocus.com/support/downloads/"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-26331
Vulnerability from fkie_nvd - Published: 2022-08-31 16:15 - Updated: 2024-11-21 06:53
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microfocus | arcsight_logger | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microfocus:arcsight_logger:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E99C813-D5CB-40D8-AA6F-7BF5454BBB28",
"versionEndExcluding": "7.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
},
{
"lang": "es",
"value": "Se han identificado posibles vulnerabilidades en Micro Focus ArcSight Logger. Las vulnerabilidades podr\u00edan ser explotadas de forma remota dando lugar a una Divulgaci\u00f3n de Informaci\u00f3n, o ataques de tipo Cross-Site Scripting (XSS) propios. Este problema afecta a: Micro Focus ArcSight Logger versiones anteriores a v7.2.2 y versiones anteriores"
}
],
"id": "CVE-2022-26331",
"lastModified": "2024-11-21T06:53:45.800",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "security@opentext.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-31T16:15:10.293",
"references": [
{
"source": "security@opentext.com",
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
},
{
"source": "security@opentext.com",
"url": "https://www.microfocus.com/support/downloads/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.microfocus.com/support/downloads/"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-11851
Vulnerability from fkie_nvd - Published: 2020-11-17 02:15 - Updated: 2024-11-21 04:58
Severity ?
Summary
Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in the execution of arbitrary code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microfocus | arcsight_logger | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microfocus:arcsight_logger:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BDF38AE-2CB2-489D-81BC-70C5C293C59C",
"versionEndExcluding": "7.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in the execution of arbitrary code."
},
{
"lang": "es",
"value": "Una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo arbitraria en el producto Micro Focus ArcSight Logger, afectando a todas las versiones anteriores a 7.1.1. La vulnerabilidad podr\u00eda ser explotada remotamente resultando en una ejecuci\u00f3n de c\u00f3digo arbitraria"
}
],
"id": "CVE-2020-11851",
"lastModified": "2024-11-21T04:58:45.367",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-11-17T02:15:12.927",
"references": [
{
"source": "security@opentext.com",
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-11860
Vulnerability from fkie_nvd - Published: 2020-11-17 01:15 - Updated: 2024-11-21 04:58
Severity ?
Summary
Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS)
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microfocus | arcsight_logger | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microfocus:arcsight_logger:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BDF38AE-2CB2-489D-81BC-70C5C293C59C",
"versionEndExcluding": "7.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS)"
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo Cross-Site Scripting en el producto Micro Focus ArcSight Logger, que afecta a todas las versiones anteriores a 7.1.1. La vulnerabilidad podr\u00eda ser explotada remotamente resultando en una vulnerabilidad de tipo Cross-Site Scripting (XSS)"
}
],
"id": "CVE-2020-11860",
"lastModified": "2024-11-21T04:58:46.313",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-11-17T01:15:13.123",
"references": [
{
"source": "security@opentext.com",
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-25834
Vulnerability from fkie_nvd - Published: 2020-11-17 01:15 - Updated: 2024-11-21 05:18
Severity ?
Summary
Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting version 7.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microfocus | arcsight_logger | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microfocus:arcsight_logger:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BDF38AE-2CB2-489D-81BC-70C5C293C59C",
"versionEndExcluding": "7.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting version 7.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS)."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo Cross-Site Scripting en el producto Micro Focus ArcSight Logger, afectando a versi\u00f3n 7.1. La vulnerabilidad podr\u00eda ser explotada remotamente resultando en una vulnerabilidad de tipo Cross-Site Scripting (XSS)"
}
],
"id": "CVE-2020-25834",
"lastModified": "2024-11-21T05:18:52.063",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-11-17T01:15:13.623",
"references": [
{
"source": "security@opentext.com",
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
},
{
"source": "security@opentext.com",
"url": "https://www.cybereagle.io/blog/cve-2020-25834/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.cybereagle.io/blog/cve-2020-25834/"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-11839
Vulnerability from fkie_nvd - Published: 2020-06-12 23:15 - Updated: 2024-11-21 04:58
Severity ?
Summary
Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Logger product, affecting all version from 6.6.1 up to version 7.0.1. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microfocus | arcsight_logger | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microfocus:arcsight_logger:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F4BA1AB-81BC-4B52-8BA0-52200E733DD7",
"versionEndIncluding": "7.0.1",
"versionStartIncluding": "6.61",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Logger product, affecting all version from 6.6.1 up to version 7.0.1. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure."
},
{
"lang": "es",
"value": "Vulnerabilidad de tipo Cross Site Scripting (XSS) en el producto Micro Focus ArcSight Logger, afectando a todas las versiones desde 6.6.1 hasta la versi\u00f3n 7.0.1. Las vulnerabilidades podr\u00edan ser explotadas remotamente, resultando en un ataque de tipo Cross-Site Scripting (XSS) o una divulgaci\u00f3n de informaci\u00f3n"
}
],
"id": "CVE-2020-11839",
"lastModified": "2024-11-21T04:58:43.977",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-12T23:15:10.633",
"references": [
{
"source": "security@opentext.com",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03650887"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03650887"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-11657
Vulnerability from fkie_nvd - Published: 2019-12-17 23:15 - Updated: 2024-11-21 04:21
Severity ?
Summary
Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product versions below version 7.0. The vulnerability could be exploited to perform CSRF attack.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microfocus | arcsight_logger | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microfocus:arcsight_logger:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B91B9E6E-9D28-4425-B395-9D19312D29A7",
"versionEndExcluding": "7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product versions below version 7.0. The vulnerability could be exploited to perform CSRF attack."
},
{
"lang": "es",
"value": "Vulnerabilidad de tipo Cross-Site Request Forgery en todo Micro Focus ArcSight Logger afectando a todas las versiones del producto por debajo de la versi\u00f3n 7.0. La vulnerabilidad podr\u00eda ser explotada para lleva a cabo un ataque de tipo CSRF."
}
],
"id": "CVE-2019-11657",
"lastModified": "2024-11-21T04:21:32.693",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-17T23:15:14.347",
"references": [
{
"source": "security@opentext.com",
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-0/ta-p/2750305?attachment-id=76910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-0/ta-p/2750305?attachment-id=76910"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2023-24470 (GCVE-0-2023-24470)
Vulnerability from cvelistv5 – Published: 2023-06-13 00:00 – Updated: 2025-01-06 15:47
VLAI?
Summary
Potential XML External Entity Injection in ArcSight Logger versions prior to 7.3.0.
Severity ?
9.1 (Critical)
CWE
- Potential XML External Entity Injection (CVE-2023-24470) in ArcSight Logger versions prior to 7.3.0
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | ArcSight Logger |
Affected:
versions prior to 7.3.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:56:04.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://portal.microfocus.com/s/article/KM000018224?language=en_US"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.microfocus.com/support/downloads/%2C"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.microfocus.com/documentation/arcsight/logger-7.3/logger-7.3-release-notes/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-24470",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-06T15:47:23.989786Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-06T15:47:28.285Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ArcSight Logger",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "versions prior to 7.3.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential XML External Entity Injection in ArcSight Logger versions prior to 7.3.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Potential XML External Entity Injection (CVE-2023-24470) in ArcSight Logger versions prior to 7.3.0",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-13T00:00:00",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "OpenText"
},
"references": [
{
"url": "https://portal.microfocus.com/s/article/KM000018224?language=en_US"
},
{
"url": "https://www.microfocus.com/support/downloads/%2C"
},
{
"url": "https://www.microfocus.com/documentation/arcsight/logger-7.3/logger-7.3-release-notes/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "OpenText",
"cveId": "CVE-2023-24470",
"datePublished": "2023-06-13T00:00:00",
"dateReserved": "2023-01-23T00:00:00",
"dateUpdated": "2025-01-06T15:47:28.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24469 (GCVE-0-2023-24469)
Vulnerability from cvelistv5 – Published: 2023-06-13 00:00 – Updated: 2025-01-03 18:07
VLAI?
Summary
Potential Cross-Site Scripting in ArcSight Logger versions prior to 7.3.0
Severity ?
6.1 (Medium)
CWE
- Potential Cross-Site Scripting (CVE-2023-24469) in ArcSight Logger versions prior to 7.3.0
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | ArcSight Logger |
Affected:
versions prior to 7.3.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:56:04.181Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.microfocus.com/support/downloads/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.microfocus.com/documentation/arcsight/logger-7.3/logger-7.3-release-notes/"
},
{
"tags": [
"x_transferred"
],
"url": "https://portal.microfocus.com/s/article/KM000018224?language=en_US%2C"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-24469",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-03T18:06:37.353195Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-03T18:07:05.993Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ArcSight Logger",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "versions prior to 7.3.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential Cross-Site Scripting in ArcSight Logger versions prior to 7.3.0"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Potential Cross-Site Scripting (CVE-2023-24469) in ArcSight Logger versions prior to 7.3.0",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-15T00:00:00",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "OpenText"
},
"references": [
{
"url": "https://www.microfocus.com/support/downloads/"
},
{
"url": "https://www.microfocus.com/documentation/arcsight/logger-7.3/logger-7.3-release-notes/"
},
{
"url": "https://portal.microfocus.com/s/article/KM000018224?language=en_US%2C"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "OpenText",
"cveId": "CVE-2023-24469",
"datePublished": "2023-06-13T00:00:00",
"dateReserved": "2023-01-23T00:00:00",
"dateUpdated": "2025-01-03T18:07:05.993Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26331 (GCVE-0-2022-26331)
Vulnerability from cvelistv5 – Published: 2022-08-31 15:52 – Updated: 2024-08-03 05:03
VLAI?
Summary
Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions.
Severity ?
6.1 (Medium)
CWE
- Self Cross-Site Scripting
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus | Micro Focus ArcSight Logger |
Affected:
unspecified , < v7.2.2
(custom)
|
Credits
Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.278Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.microfocus.com/support/downloads/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Micro Focus ArcSight Logger",
"vendor": "Micro Focus",
"versions": [
{
"lessThan": "v7.2.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Self Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-07T20:15:52",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.microfocus.com/support/downloads/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
],
"solutions": [
{
"lang": "en",
"value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2 https://www.microfocus.com/support/downloads/\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Self Cross-Site Scripting (XSS).",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2022-26331",
"STATE": "PUBLIC",
"TITLE": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Self Cross-Site Scripting (XSS)."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Micro Focus ArcSight Logger",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "v7.2.2"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Self Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.microfocus.com/support/downloads/",
"refsource": "MISC",
"url": "https://www.microfocus.com/support/downloads/"
},
{
"name": "https://portal.microfocus.com/s/article/KM000010167?language=en_US",
"refsource": "MISC",
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
]
},
"solution": [
{
"lang": "en",
"value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2 https://www.microfocus.com/support/downloads/\n"
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2022-26331",
"datePublished": "2022-08-31T15:52:37",
"dateReserved": "2022-02-28T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.278Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26330 (GCVE-0-2022-26330)
Vulnerability from cvelistv5 – Published: 2022-08-31 15:52 – Updated: 2024-08-03 05:03
VLAI?
Summary
Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions.
Severity ?
6.5 (Medium)
CWE
- Information Disclosure
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus | Micro Focus ArcSight Logger |
Affected:
unspecified , < v7.2.2
(custom)
|
Credits
Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:31.777Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.microfocus.com/support/downloads/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Micro Focus ArcSight Logger",
"vendor": "Micro Focus",
"versions": [
{
"lessThan": "v7.2.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-07T20:15:58",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.microfocus.com/support/downloads/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
],
"solutions": [
{
"lang": "en",
"value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2 https://www.microfocus.com/support/downloads/\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Potential vulnerability has been identified in Micro Focus ArcSight Logger. The vulnerability could be remotely exploited resulting in Information Disclosure.",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2022-26330",
"STATE": "PUBLIC",
"TITLE": "Potential vulnerability has been identified in Micro Focus ArcSight Logger. The vulnerability could be remotely exploited resulting in Information Disclosure."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Micro Focus ArcSight Logger",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "v7.2.2"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.microfocus.com/support/downloads/",
"refsource": "MISC",
"url": "https://www.microfocus.com/support/downloads/"
},
{
"name": "https://portal.microfocus.com/s/article/KM000010167?language=en_US",
"refsource": "MISC",
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
]
},
"solution": [
{
"lang": "en",
"value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2 https://www.microfocus.com/support/downloads/\n"
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2022-26330",
"datePublished": "2022-08-31T15:52:15",
"dateReserved": "2022-02-28T00:00:00",
"dateUpdated": "2024-08-03T05:03:31.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11851 (GCVE-0-2020-11851)
Vulnerability from cvelistv5 – Published: 2020-11-17 01:02 – Updated: 2024-08-04 11:42
VLAI?
Summary
Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in the execution of arbitrary code.
Severity ?
No CVSS data available.
CWE
- Arbitrary code execution.
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus | ArcSight Logger |
Affected:
All version prior to version 7.1.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.687Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ArcSight Logger",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "All version prior to version 7.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in the execution of arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary code execution.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:16:04",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2020-11851",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ArcSight Logger",
"version": {
"version_data": [
{
"version_value": "All version prior to version 7.1.1"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in the execution of arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary code execution."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600",
"refsource": "CONFIRM",
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2020-11851",
"datePublished": "2020-11-17T01:02:34",
"dateReserved": "2020-04-16T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11860 (GCVE-0-2020-11860)
Vulnerability from cvelistv5 – Published: 2020-11-17 00:54 – Updated: 2024-08-04 11:42
VLAI?
Summary
Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS)
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting.
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus | ArcSight Logger |
Affected:
All version prior to version 7.1.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.534Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ArcSight Logger",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "All version prior to version 7.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:23",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2020-11860",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ArcSight Logger",
"version": {
"version_data": [
{
"version_value": "All version prior to version 7.1.1"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600",
"refsource": "CONFIRM",
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2020-11860",
"datePublished": "2020-11-17T00:54:23",
"dateReserved": "2020-04-16T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.534Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-25834 (GCVE-0-2020-25834)
Vulnerability from cvelistv5 – Published: 2020-11-17 00:51 – Updated: 2024-08-04 15:40
VLAI?
Summary
Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting version 7.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS).
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting.
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus | ArcSight Logger |
Affected:
7.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:40:37.000Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cybereagle.io/blog/cve-2020-25834/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ArcSight Logger",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "7.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting version 7.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:44",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cybereagle.io/blog/cve-2020-25834/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2020-25834",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ArcSight Logger",
"version": {
"version_data": [
{
"version_value": "7.1"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting version 7.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600",
"refsource": "CONFIRM",
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
},
{
"name": "https://www.cybereagle.io/blog/cve-2020-25834/",
"refsource": "MISC",
"url": "https://www.cybereagle.io/blog/cve-2020-25834/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2020-25834",
"datePublished": "2020-11-17T00:51:31",
"dateReserved": "2020-09-23T00:00:00",
"dateUpdated": "2024-08-04T15:40:37.000Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11839 (GCVE-0-2020-11839)
Vulnerability from cvelistv5 – Published: 2020-06-12 22:30 – Updated: 2024-08-04 11:42
VLAI?
Summary
Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Logger product, affecting all version from 6.6.1 up to version 7.0.1. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure.
Severity ?
No CVSS data available.
CWE
- Cross Site Scripting
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | ArcSight Logger. |
Affected:
All version from 6.6.1 up to 7.0.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.162Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03650887"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ArcSight Logger.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All version from 6.6.1 up to 7.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Logger product, affecting all version from 6.6.1 up to version 7.0.1. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:30",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03650887"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2020-11839",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ArcSight Logger.",
"version": {
"version_data": [
{
"version_value": "All version from 6.6.1 up to 7.0.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Logger product, affecting all version from 6.6.1 up to version 7.0.1. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03650887",
"refsource": "MISC",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03650887"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2020-11839",
"datePublished": "2020-06-12T22:30:38",
"dateReserved": "2020-04-16T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11657 (GCVE-0-2019-11657)
Vulnerability from cvelistv5 – Published: 2019-12-17 22:05 – Updated: 2024-08-04 23:03
VLAI?
Summary
Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product versions below version 7.0. The vulnerability could be exploited to perform CSRF attack.
Severity ?
No CVSS data available.
CWE
- Cross-Site Request Forgery
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus International | ArcSight Logger |
Affected:
All ArcSight Logger prior to version 7.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:31.510Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-0/ta-p/2750305?attachment-id=76910"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ArcSight Logger",
"vendor": "Micro Focus International",
"versions": [
{
"status": "affected",
"version": "All ArcSight Logger prior to version 7.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product versions below version 7.0. The vulnerability could be exploited to perform CSRF attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Request Forgery",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:29",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-0/ta-p/2750305?attachment-id=76910"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11657",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ArcSight Logger",
"version": {
"version_data": [
{
"version_value": "All ArcSight Logger prior to version 7.0"
}
]
}
}
]
},
"vendor_name": "Micro Focus International"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product versions below version 7.0. The vulnerability could be exploited to perform CSRF attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Request Forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-0/ta-p/2750305?attachment-id=76910",
"refsource": "MISC",
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-0/ta-p/2750305?attachment-id=76910"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11657",
"datePublished": "2019-12-17T22:05:07",
"dateReserved": "2019-05-01T00:00:00",
"dateUpdated": "2024-08-04T23:03:31.510Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24470 (GCVE-0-2023-24470)
Vulnerability from nvd – Published: 2023-06-13 00:00 – Updated: 2025-01-06 15:47
VLAI?
Summary
Potential XML External Entity Injection in ArcSight Logger versions prior to 7.3.0.
Severity ?
9.1 (Critical)
CWE
- Potential XML External Entity Injection (CVE-2023-24470) in ArcSight Logger versions prior to 7.3.0
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | ArcSight Logger |
Affected:
versions prior to 7.3.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:56:04.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://portal.microfocus.com/s/article/KM000018224?language=en_US"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.microfocus.com/support/downloads/%2C"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.microfocus.com/documentation/arcsight/logger-7.3/logger-7.3-release-notes/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-24470",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-06T15:47:23.989786Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-06T15:47:28.285Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ArcSight Logger",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "versions prior to 7.3.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential XML External Entity Injection in ArcSight Logger versions prior to 7.3.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Potential XML External Entity Injection (CVE-2023-24470) in ArcSight Logger versions prior to 7.3.0",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-13T00:00:00",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "OpenText"
},
"references": [
{
"url": "https://portal.microfocus.com/s/article/KM000018224?language=en_US"
},
{
"url": "https://www.microfocus.com/support/downloads/%2C"
},
{
"url": "https://www.microfocus.com/documentation/arcsight/logger-7.3/logger-7.3-release-notes/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "OpenText",
"cveId": "CVE-2023-24470",
"datePublished": "2023-06-13T00:00:00",
"dateReserved": "2023-01-23T00:00:00",
"dateUpdated": "2025-01-06T15:47:28.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24469 (GCVE-0-2023-24469)
Vulnerability from nvd – Published: 2023-06-13 00:00 – Updated: 2025-01-03 18:07
VLAI?
Summary
Potential Cross-Site Scripting in ArcSight Logger versions prior to 7.3.0
Severity ?
6.1 (Medium)
CWE
- Potential Cross-Site Scripting (CVE-2023-24469) in ArcSight Logger versions prior to 7.3.0
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | ArcSight Logger |
Affected:
versions prior to 7.3.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:56:04.181Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.microfocus.com/support/downloads/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.microfocus.com/documentation/arcsight/logger-7.3/logger-7.3-release-notes/"
},
{
"tags": [
"x_transferred"
],
"url": "https://portal.microfocus.com/s/article/KM000018224?language=en_US%2C"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-24469",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-03T18:06:37.353195Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-03T18:07:05.993Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ArcSight Logger",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "versions prior to 7.3.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential Cross-Site Scripting in ArcSight Logger versions prior to 7.3.0"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Potential Cross-Site Scripting (CVE-2023-24469) in ArcSight Logger versions prior to 7.3.0",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-15T00:00:00",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "OpenText"
},
"references": [
{
"url": "https://www.microfocus.com/support/downloads/"
},
{
"url": "https://www.microfocus.com/documentation/arcsight/logger-7.3/logger-7.3-release-notes/"
},
{
"url": "https://portal.microfocus.com/s/article/KM000018224?language=en_US%2C"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "OpenText",
"cveId": "CVE-2023-24469",
"datePublished": "2023-06-13T00:00:00",
"dateReserved": "2023-01-23T00:00:00",
"dateUpdated": "2025-01-03T18:07:05.993Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26331 (GCVE-0-2022-26331)
Vulnerability from nvd – Published: 2022-08-31 15:52 – Updated: 2024-08-03 05:03
VLAI?
Summary
Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions.
Severity ?
6.1 (Medium)
CWE
- Self Cross-Site Scripting
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus | Micro Focus ArcSight Logger |
Affected:
unspecified , < v7.2.2
(custom)
|
Credits
Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.278Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.microfocus.com/support/downloads/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Micro Focus ArcSight Logger",
"vendor": "Micro Focus",
"versions": [
{
"lessThan": "v7.2.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Self Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-07T20:15:52",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.microfocus.com/support/downloads/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
],
"solutions": [
{
"lang": "en",
"value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2 https://www.microfocus.com/support/downloads/\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Self Cross-Site Scripting (XSS).",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2022-26331",
"STATE": "PUBLIC",
"TITLE": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Self Cross-Site Scripting (XSS)."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Micro Focus ArcSight Logger",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "v7.2.2"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Self Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.microfocus.com/support/downloads/",
"refsource": "MISC",
"url": "https://www.microfocus.com/support/downloads/"
},
{
"name": "https://portal.microfocus.com/s/article/KM000010167?language=en_US",
"refsource": "MISC",
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
]
},
"solution": [
{
"lang": "en",
"value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2 https://www.microfocus.com/support/downloads/\n"
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2022-26331",
"datePublished": "2022-08-31T15:52:37",
"dateReserved": "2022-02-28T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.278Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26330 (GCVE-0-2022-26330)
Vulnerability from nvd – Published: 2022-08-31 15:52 – Updated: 2024-08-03 05:03
VLAI?
Summary
Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions.
Severity ?
6.5 (Medium)
CWE
- Information Disclosure
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus | Micro Focus ArcSight Logger |
Affected:
unspecified , < v7.2.2
(custom)
|
Credits
Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:31.777Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.microfocus.com/support/downloads/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Micro Focus ArcSight Logger",
"vendor": "Micro Focus",
"versions": [
{
"lessThan": "v7.2.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-07T20:15:58",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.microfocus.com/support/downloads/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
],
"solutions": [
{
"lang": "en",
"value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2 https://www.microfocus.com/support/downloads/\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Potential vulnerability has been identified in Micro Focus ArcSight Logger. The vulnerability could be remotely exploited resulting in Information Disclosure.",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2022-26330",
"STATE": "PUBLIC",
"TITLE": "Potential vulnerability has been identified in Micro Focus ArcSight Logger. The vulnerability could be remotely exploited resulting in Information Disclosure."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Micro Focus ArcSight Logger",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "v7.2.2"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.microfocus.com/support/downloads/",
"refsource": "MISC",
"url": "https://www.microfocus.com/support/downloads/"
},
{
"name": "https://portal.microfocus.com/s/article/KM000010167?language=en_US",
"refsource": "MISC",
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
]
},
"solution": [
{
"lang": "en",
"value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2 https://www.microfocus.com/support/downloads/\n"
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2022-26330",
"datePublished": "2022-08-31T15:52:15",
"dateReserved": "2022-02-28T00:00:00",
"dateUpdated": "2024-08-03T05:03:31.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11851 (GCVE-0-2020-11851)
Vulnerability from nvd – Published: 2020-11-17 01:02 – Updated: 2024-08-04 11:42
VLAI?
Summary
Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in the execution of arbitrary code.
Severity ?
No CVSS data available.
CWE
- Arbitrary code execution.
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus | ArcSight Logger |
Affected:
All version prior to version 7.1.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.687Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ArcSight Logger",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "All version prior to version 7.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in the execution of arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary code execution.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:16:04",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2020-11851",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ArcSight Logger",
"version": {
"version_data": [
{
"version_value": "All version prior to version 7.1.1"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in the execution of arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary code execution."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600",
"refsource": "CONFIRM",
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2020-11851",
"datePublished": "2020-11-17T01:02:34",
"dateReserved": "2020-04-16T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11860 (GCVE-0-2020-11860)
Vulnerability from nvd – Published: 2020-11-17 00:54 – Updated: 2024-08-04 11:42
VLAI?
Summary
Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS)
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting.
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus | ArcSight Logger |
Affected:
All version prior to version 7.1.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.534Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ArcSight Logger",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "All version prior to version 7.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:23",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2020-11860",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ArcSight Logger",
"version": {
"version_data": [
{
"version_value": "All version prior to version 7.1.1"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600",
"refsource": "CONFIRM",
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2020-11860",
"datePublished": "2020-11-17T00:54:23",
"dateReserved": "2020-04-16T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.534Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-25834 (GCVE-0-2020-25834)
Vulnerability from nvd – Published: 2020-11-17 00:51 – Updated: 2024-08-04 15:40
VLAI?
Summary
Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting version 7.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS).
Severity ?
No CVSS data available.
CWE
- Cross-Site Scripting.
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus | ArcSight Logger |
Affected:
7.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:40:37.000Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cybereagle.io/blog/cve-2020-25834/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ArcSight Logger",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "7.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting version 7.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:44",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cybereagle.io/blog/cve-2020-25834/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2020-25834",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ArcSight Logger",
"version": {
"version_data": [
{
"version_value": "7.1"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting version 7.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600",
"refsource": "CONFIRM",
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600"
},
{
"name": "https://www.cybereagle.io/blog/cve-2020-25834/",
"refsource": "MISC",
"url": "https://www.cybereagle.io/blog/cve-2020-25834/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2020-25834",
"datePublished": "2020-11-17T00:51:31",
"dateReserved": "2020-09-23T00:00:00",
"dateUpdated": "2024-08-04T15:40:37.000Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11839 (GCVE-0-2020-11839)
Vulnerability from nvd – Published: 2020-06-12 22:30 – Updated: 2024-08-04 11:42
VLAI?
Summary
Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Logger product, affecting all version from 6.6.1 up to version 7.0.1. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure.
Severity ?
No CVSS data available.
CWE
- Cross Site Scripting
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | ArcSight Logger. |
Affected:
All version from 6.6.1 up to 7.0.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.162Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03650887"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ArcSight Logger.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All version from 6.6.1 up to 7.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Logger product, affecting all version from 6.6.1 up to version 7.0.1. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:30",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://softwaresupport.softwaregrp.com/doc/KM03650887"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2020-11839",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ArcSight Logger.",
"version": {
"version_data": [
{
"version_value": "All version from 6.6.1 up to 7.0.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Logger product, affecting all version from 6.6.1 up to version 7.0.1. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/doc/KM03650887",
"refsource": "MISC",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03650887"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2020-11839",
"datePublished": "2020-06-12T22:30:38",
"dateReserved": "2020-04-16T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11657 (GCVE-0-2019-11657)
Vulnerability from nvd – Published: 2019-12-17 22:05 – Updated: 2024-08-04 23:03
VLAI?
Summary
Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product versions below version 7.0. The vulnerability could be exploited to perform CSRF attack.
Severity ?
No CVSS data available.
CWE
- Cross-Site Request Forgery
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus International | ArcSight Logger |
Affected:
All ArcSight Logger prior to version 7.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:31.510Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-0/ta-p/2750305?attachment-id=76910"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ArcSight Logger",
"vendor": "Micro Focus International",
"versions": [
{
"status": "affected",
"version": "All ArcSight Logger prior to version 7.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product versions below version 7.0. The vulnerability could be exploited to perform CSRF attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Request Forgery",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:29",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-0/ta-p/2750305?attachment-id=76910"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2019-11657",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ArcSight Logger",
"version": {
"version_data": [
{
"version_value": "All ArcSight Logger prior to version 7.0"
}
]
}
}
]
},
"vendor_name": "Micro Focus International"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product versions below version 7.0. The vulnerability could be exploited to perform CSRF attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Request Forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-0/ta-p/2750305?attachment-id=76910",
"refsource": "MISC",
"url": "https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-0/ta-p/2750305?attachment-id=76910"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2019-11657",
"datePublished": "2019-12-17T22:05:07",
"dateReserved": "2019-05-01T00:00:00",
"dateUpdated": "2024-08-04T23:03:31.510Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}