CVE-2016-1990
Published Mar 16, 2016
Last updated 6 years ago
Overview
- Description
- HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows local users to gain privileges for command execution via unspecified vectors.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 6.4
- Exploitability score
- 3.1
- Vector string
- AV:L/AC:L/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-264
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microfocus:arcsight_enterprise_security_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7BBA2354-7296-402B-8825-B92F9C2F73E0",
"versionEndIncluding": "5.6"
},
{
"criteria": "cpe:2.3:a:microfocus:arcsight_enterprise_security_manager:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DC7670D5-2F15-4E51-95AB-CDA6AF3CC045"
},
{
"criteria": "cpe:2.3:a:microfocus:arcsight_enterprise_security_manager:6.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "02DD2F2C-D11F-495F-ADF4-42146DB541DD"
},
{
"criteria": "cpe:2.3:a:microfocus:arcsight_enterprise_security_manager:6.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0D8B31A-8C30-4A52-9E74-58E93E757321"
},
{
"criteria": "cpe:2.3:a:microfocus:arcsight_enterprise_security_manager:6.9:*:*:*:express:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE264EB7-81C3-4823-B4F1-C92104858DD9"
}
],
"operator": "OR"
}
]
}
]