PT-2011-4083 · Hewlett Packard+1 · Hp Arcsight Connector Appliance+1
Publicado
2011-07-19
·
Atualizado
2017-08-29
·
CVE-2011-2779
CVSS v2.0
3.6
Baixa
| Vetor | AV:L/AC:L/Au:N/C:N/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
HP ArcSight Connector Appliance versions prior to 6.1
Description
The issue concerns the Windows Event Log SmartConnector in HP ArcSight Connector Appliance, where it uses world-writable permissions for exported report files. This allows local users to modify or delete log data by changing a file.
Recommendations
For versions prior to 6.1, update to version 6.1 or later to resolve the issue.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Hp Arcsight Connector Appliance
Windows