CVE-2016-1991
Description
HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to conduct unspecified file download attacks via unknown vectors.
Risk Information
Base Score
8.0
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.483
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2014-7885,CVE-2015-6030,CVE-2016-1990,CVE-2016-1991 are affected in MicroFocus ArcSight Enterprise Security Manager 6.5 | Windows |
| Vulnerabilities CVE-2016-1990,CVE-2016-1991 are affected in MicroFocus ArcSight Enterprise Security Manager 5.6 | Windows |
| Vulnerabilities CVE-2016-1990,CVE-2016-1991 are affected in MicroFocus ArcSight Enterprise Security Manager 6.0 | Windows |
| Vulnerabilities CVE-2016-1990,CVE-2016-1991 are affected in MicroFocus ArcSight Enterprise Security Manager 6.8 | Windows |
| CVE-2016-1991 | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234