Vulnerability category: Local
Vulnerability severity:
Vulnerability information
HPE ArcSight Data Platform (formerly ArcSight Logger) is a SIEM platform that unifies data collection and log management of machine data for security.
An authorization bypass vulnerability exists that allows an authenticated, remote attacker to bypass authorization checks and perform unauthorized actions. (CVE-2015-2136)
A security bypass vulnerability exists in the SOAP interface due to a failure to properly log and lock out failed login attempts. A remote attacker can exploit this to perform a brute-force attack. (CVE-2015-6029)
A file command handling local privilege escalation vulnerability exists due to files owned by the arcsight user being executed with root privileges. A local attacker can exploit this to run commands to gain elevated privileges. (CVE-2015-6030)
Affected Version
HP ArcSight Logger prior to v6.0 P2
Impact
On successful exploitation it allows an authenticated, remote attacker to bypass authorization checks and perform unauthorized actions.
Solution
The vendor has released a fix to address these vulnerabilities. The updates may be downloaded from here.
Patch:
Following are links for downloading patches to fix the vulnerabilities: