PT-2016-4948 · Hewlett Packard · Hp Arcsight Esm+1
Published
2016-03-16
·
Updated
2018-10-17
·
CVE-2016-1990
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
HPE ArcSight ESM versions 5.x through 5.5
HPE ArcSight ESM version 6.0
HPE ArcSight ESM versions 6.5.x through 6.5C SP1 Patch 1
HPE ArcSight ESM version 6.8c through 6.8c P0
HPE ArcSight ESM Express versions prior to 6.9.1
Description
The issue allows local users to gain privileges for command execution.
Recommendations
For HPE ArcSight ESM versions 5.x through 5.5, update to version 5.6 or later.
For HPE ArcSight ESM version 6.0, update to a later version.
For HPE ArcSight ESM versions 6.5.x through 6.5C SP1 Patch 1, update to version 6.5C SP1 Patch 2 or later.
For HPE ArcSight ESM version 6.8c through 6.8c P0, update to version 6.8c P1 or later.
For HPE ArcSight ESM Express versions prior to 6.9.1, update to version 6.9.1 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hp Arcsight Esm
Arcsight Esm Express