HP ArcSight ESM and ArcSight ESM Express CVE-2017-14356 SQL Injection Vulnerability

Bugtraq ID: 101627
Class: Input Validation Error
CVE: CVE-2017-14356
Remote: Yes
Local: No
Published: Oct 31 2017 12:00AM
Updated: Nov 18 2017 01:07AM
Credit: Cosmin Maier from Zeroday.PRO Threat Research Lab
Vulnerable: HP ArcSight ESM Express 6.0
HP ArcSight ESM 6.8
HP ArcSight ESM 6.5
HP ArcSight ESM 6.0
Not Vulnerable: HP ArcSight ESM Express 6.9.1c Patch 4
HP ArcSight ESM Express 6.11.0 Patch 1
HP ArcSight ESM 6.9.1c Patch 4
HP ArcSight ESM 6.11.0 Patch 1


 

Privacy Statement
Copyright 2010, SecurityFocus