CVE-2016-1991

High

8/10

Summary

HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to conduct unspecified "file download" attacks via unknown vectors.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: HIGH

References

Advisory Timeline

Published Mar 16, 2016

CVE-2016-1991

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS