CVE-2016-1992

Published: Mar 17, 2016Modified: May 6, 2026

6.5

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

HPE ArcSight ESM before 6.8c, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to obtain sensitive information via unspecified vectors.

Affected (2)

Products: Hp: Enterprise Security Manager, Enterprise Security Manager Express

2 products

Enterprise Security Manager

Enterprise Security Manager Express

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Hp Enterprise Security Manager	Up to 6.8
Hp Enterprise Security Manager Express	Up to 6.9.0

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://www.securitytracker.com/id/1035307

Source: cve@mitre.org

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05048753

Source: cve@mitre.org

PatchVendor Advisory

http://www.securitytracker.com/id/1035307

Source: af854a3a-2127-422b-91ae-364da2661108

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05048753

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.