← Back

CVE-2015-6030

nvd nist
Published: Nov 4, 2015Modified: May 6, 2026

JSON object

Loading...
7.2
Vector
AV:L/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 3.9 / Impact: 10.0
Source: NVD

Description

HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Appliance 6.4.0.6881.3 use the root account to execute files owned by the arcsight user, which might allow local users to gain privileges by leveraging arcsight account access.

Affected (8)

Hp
6 products
Arcsight Connector Appliance
Arcsight Logger
Arcsight Command Center
Arcsight Connectors
Arcsight Express
Arcsight Management Center
Microfocus
1 product
Arcsight Enterprise Security Manager
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Arcsight Connector Appliance
Up to 6.4.0.6881.3
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Arcsight Logger
Version 6.0.0.7307.1
Configuration C
1 vulnerable
Vulnerable SoftwareAffected Versions
Arcsight Command Center
Version 6.8.0.1896.0
Configuration D
5 vulnerable
Vulnerable SoftwareAffected Versions
Arcsight Connectors
Up to 7.1.3
Hp
Arcsight Express
Version 4.0
Arcsight Express
Version 4.0 p1
Arcsight Management Center
Up to 2.0
Arcsight Enterprise Security Manager
Up to 6.5

Related CWEs

CWE-264
CWE-264

References (8)

Source: cret@cert.org
Third Party AdvisoryUS Government Resource
Source: cret@cert.org
Third Party AdvisoryVDB Entry
Source: cret@cert.org
Third Party AdvisoryVDB Entry
Source: cret@cert.org
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.