Search criteria
4 vulnerabilities found for Micro Focus ArcSight Logger by Micro Focus
CVE-2022-26331 (GCVE-0-2022-26331)
Vulnerability from cvelistv5 – Published: 2022-08-31 15:52 – Updated: 2024-08-03 05:03
VLAI?
Title
Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Self Cross-Site Scripting (XSS).
Summary
Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions.
Severity ?
6.1 (Medium)
CWE
- Self Cross-Site Scripting
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus | Micro Focus ArcSight Logger |
Affected:
unspecified , < v7.2.2
(custom)
|
Credits
Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.278Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.microfocus.com/support/downloads/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Micro Focus ArcSight Logger",
"vendor": "Micro Focus",
"versions": [
{
"lessThan": "v7.2.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Self Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-07T20:15:52",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.microfocus.com/support/downloads/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
],
"solutions": [
{
"lang": "en",
"value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2 https://www.microfocus.com/support/downloads/\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Self Cross-Site Scripting (XSS).",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2022-26331",
"STATE": "PUBLIC",
"TITLE": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Self Cross-Site Scripting (XSS)."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Micro Focus ArcSight Logger",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "v7.2.2"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Self Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.microfocus.com/support/downloads/",
"refsource": "MISC",
"url": "https://www.microfocus.com/support/downloads/"
},
{
"name": "https://portal.microfocus.com/s/article/KM000010167?language=en_US",
"refsource": "MISC",
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
]
},
"solution": [
{
"lang": "en",
"value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2 https://www.microfocus.com/support/downloads/\n"
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2022-26331",
"datePublished": "2022-08-31T15:52:37",
"dateReserved": "2022-02-28T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.278Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26330 (GCVE-0-2022-26330)
Vulnerability from cvelistv5 – Published: 2022-08-31 15:52 – Updated: 2024-08-03 05:03
VLAI?
Title
Potential vulnerability has been identified in Micro Focus ArcSight Logger. The vulnerability could be remotely exploited resulting in Information Disclosure.
Summary
Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions.
Severity ?
6.5 (Medium)
CWE
- Information Disclosure
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus | Micro Focus ArcSight Logger |
Affected:
unspecified , < v7.2.2
(custom)
|
Credits
Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:31.777Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.microfocus.com/support/downloads/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Micro Focus ArcSight Logger",
"vendor": "Micro Focus",
"versions": [
{
"lessThan": "v7.2.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-07T20:15:58",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.microfocus.com/support/downloads/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
],
"solutions": [
{
"lang": "en",
"value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2 https://www.microfocus.com/support/downloads/\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Potential vulnerability has been identified in Micro Focus ArcSight Logger. The vulnerability could be remotely exploited resulting in Information Disclosure.",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2022-26330",
"STATE": "PUBLIC",
"TITLE": "Potential vulnerability has been identified in Micro Focus ArcSight Logger. The vulnerability could be remotely exploited resulting in Information Disclosure."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Micro Focus ArcSight Logger",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "v7.2.2"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.microfocus.com/support/downloads/",
"refsource": "MISC",
"url": "https://www.microfocus.com/support/downloads/"
},
{
"name": "https://portal.microfocus.com/s/article/KM000010167?language=en_US",
"refsource": "MISC",
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
]
},
"solution": [
{
"lang": "en",
"value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2 https://www.microfocus.com/support/downloads/\n"
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2022-26330",
"datePublished": "2022-08-31T15:52:15",
"dateReserved": "2022-02-28T00:00:00",
"dateUpdated": "2024-08-03T05:03:31.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26331 (GCVE-0-2022-26331)
Vulnerability from nvd – Published: 2022-08-31 15:52 – Updated: 2024-08-03 05:03
VLAI?
Title
Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Self Cross-Site Scripting (XSS).
Summary
Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions.
Severity ?
6.1 (Medium)
CWE
- Self Cross-Site Scripting
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus | Micro Focus ArcSight Logger |
Affected:
unspecified , < v7.2.2
(custom)
|
Credits
Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.278Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.microfocus.com/support/downloads/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Micro Focus ArcSight Logger",
"vendor": "Micro Focus",
"versions": [
{
"lessThan": "v7.2.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Self Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-07T20:15:52",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.microfocus.com/support/downloads/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
],
"solutions": [
{
"lang": "en",
"value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2 https://www.microfocus.com/support/downloads/\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Self Cross-Site Scripting (XSS).",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2022-26331",
"STATE": "PUBLIC",
"TITLE": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Self Cross-Site Scripting (XSS)."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Micro Focus ArcSight Logger",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "v7.2.2"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Self Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.microfocus.com/support/downloads/",
"refsource": "MISC",
"url": "https://www.microfocus.com/support/downloads/"
},
{
"name": "https://portal.microfocus.com/s/article/KM000010167?language=en_US",
"refsource": "MISC",
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
]
},
"solution": [
{
"lang": "en",
"value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2 https://www.microfocus.com/support/downloads/\n"
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2022-26331",
"datePublished": "2022-08-31T15:52:37",
"dateReserved": "2022-02-28T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.278Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26330 (GCVE-0-2022-26330)
Vulnerability from nvd – Published: 2022-08-31 15:52 – Updated: 2024-08-03 05:03
VLAI?
Title
Potential vulnerability has been identified in Micro Focus ArcSight Logger. The vulnerability could be remotely exploited resulting in Information Disclosure.
Summary
Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions.
Severity ?
6.5 (Medium)
CWE
- Information Disclosure
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus | Micro Focus ArcSight Logger |
Affected:
unspecified , < v7.2.2
(custom)
|
Credits
Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:31.777Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.microfocus.com/support/downloads/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Micro Focus ArcSight Logger",
"vendor": "Micro Focus",
"versions": [
{
"lessThan": "v7.2.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-07T20:15:58",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.microfocus.com/support/downloads/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
],
"solutions": [
{
"lang": "en",
"value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2 https://www.microfocus.com/support/downloads/\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Potential vulnerability has been identified in Micro Focus ArcSight Logger. The vulnerability could be remotely exploited resulting in Information Disclosure.",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2022-26330",
"STATE": "PUBLIC",
"TITLE": "Potential vulnerability has been identified in Micro Focus ArcSight Logger. The vulnerability could be remotely exploited resulting in Information Disclosure."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Micro Focus ArcSight Logger",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "v7.2.2"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.microfocus.com/support/downloads/",
"refsource": "MISC",
"url": "https://www.microfocus.com/support/downloads/"
},
{
"name": "https://portal.microfocus.com/s/article/KM000010167?language=en_US",
"refsource": "MISC",
"url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
}
]
},
"solution": [
{
"lang": "en",
"value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2 https://www.microfocus.com/support/downloads/\n"
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2022-26330",
"datePublished": "2022-08-31T15:52:15",
"dateReserved": "2022-02-28T00:00:00",
"dateUpdated": "2024-08-03T05:03:31.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}