HPE ArcSight Logger before 6.1P1 allows remote authenticated users to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component.
References
Link | Resource |
---|---|
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04941487 | Patch Vendor Advisory |
Configurations
Information
Published : 2016-01-15 21:59
Updated : 2016-11-30 19:01
NVD link : CVE-2015-6864
Mitre link : CVE-2015-6864
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
hp
- arcsight_logger