Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for Micro Focus ArcSight Logger by Micro Focus

    CVE-2022-26331 (GCVE-0-2022-26331)

    Vulnerability from nvd – Published: 2022-08-31 15:52 – Updated: 2024-08-03 05:03
    VLAI
    Title
    Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Self Cross-Site Scripting (XSS).
    Summary
    Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions.
    CWE
    • Self Cross-Site Scripting
    Assigner
    References
    Impacted products
    Vendor Product Version
    Micro Focus Micro Focus ArcSight Logger Affected: unspecified , < v7.2.2 (custom)
    Create a notification for this product.
    Credits
    Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T05:03:32.278Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.microfocus.com/support/downloads/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Micro Focus ArcSight Logger",
              "vendor": "Micro Focus",
              "versions": [
                {
                  "lessThan": "v7.2.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Self Cross-Site Scripting",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-09-07T20:15:52.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.microfocus.com/support/downloads/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2  https://www.microfocus.com/support/downloads/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Self Cross-Site Scripting (XSS).",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "ID": "CVE-2022-26331",
              "STATE": "PUBLIC",
              "TITLE": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Self Cross-Site Scripting (XSS)."
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Micro Focus ArcSight Logger",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "v7.2.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Micro Focus"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Self Cross-Site Scripting"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.microfocus.com/support/downloads/",
                  "refsource": "MISC",
                  "url": "https://www.microfocus.com/support/downloads/"
                },
                {
                  "name": "https://portal.microfocus.com/s/article/KM000010167?language=en_US",
                  "refsource": "MISC",
                  "url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2  https://www.microfocus.com/support/downloads/"
              }
            ],
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2022-26331",
        "datePublished": "2022-08-31T15:52:37.000Z",
        "dateReserved": "2022-02-28T00:00:00.000Z",
        "dateUpdated": "2024-08-03T05:03:32.278Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-26330 (GCVE-0-2022-26330)

    Vulnerability from nvd – Published: 2022-08-31 15:52 – Updated: 2024-08-03 05:03
    VLAI
    Title
    Potential vulnerability has been identified in Micro Focus ArcSight Logger. The vulnerability could be remotely exploited resulting in Information Disclosure.
    Summary
    Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions.
    CWE
    • Information Disclosure
    Assigner
    References
    Impacted products
    Vendor Product Version
    Micro Focus Micro Focus ArcSight Logger Affected: unspecified , < v7.2.2 (custom)
    Create a notification for this product.
    Credits
    Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T05:03:31.777Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.microfocus.com/support/downloads/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Micro Focus ArcSight Logger",
              "vendor": "Micro Focus",
              "versions": [
                {
                  "lessThan": "v7.2.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-09-07T20:15:58.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.microfocus.com/support/downloads/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2  https://www.microfocus.com/support/downloads/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Potential vulnerability has been identified in Micro Focus ArcSight Logger. The vulnerability could be remotely exploited resulting in Information Disclosure.",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "ID": "CVE-2022-26330",
              "STATE": "PUBLIC",
              "TITLE": "Potential vulnerability has been identified in Micro Focus ArcSight Logger. The vulnerability could be remotely exploited resulting in Information Disclosure."
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Micro Focus ArcSight Logger",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "v7.2.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Micro Focus"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.microfocus.com/support/downloads/",
                  "refsource": "MISC",
                  "url": "https://www.microfocus.com/support/downloads/"
                },
                {
                  "name": "https://portal.microfocus.com/s/article/KM000010167?language=en_US",
                  "refsource": "MISC",
                  "url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2  https://www.microfocus.com/support/downloads/"
              }
            ],
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2022-26330",
        "datePublished": "2022-08-31T15:52:15.000Z",
        "dateReserved": "2022-02-28T00:00:00.000Z",
        "dateUpdated": "2024-08-03T05:03:31.777Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-26331 (GCVE-0-2022-26331)

    Vulnerability from cvelistv5 – Published: 2022-08-31 15:52 – Updated: 2024-08-03 05:03
    VLAI
    Title
    Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Self Cross-Site Scripting (XSS).
    Summary
    Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions.
    CWE
    • Self Cross-Site Scripting
    Assigner
    References
    Impacted products
    Vendor Product Version
    Micro Focus Micro Focus ArcSight Logger Affected: unspecified , < v7.2.2 (custom)
    Create a notification for this product.
    Credits
    Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T05:03:32.278Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.microfocus.com/support/downloads/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Micro Focus ArcSight Logger",
              "vendor": "Micro Focus",
              "versions": [
                {
                  "lessThan": "v7.2.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Self Cross-Site Scripting",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-09-07T20:15:52.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.microfocus.com/support/downloads/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2  https://www.microfocus.com/support/downloads/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Self Cross-Site Scripting (XSS).",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "ID": "CVE-2022-26331",
              "STATE": "PUBLIC",
              "TITLE": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Self Cross-Site Scripting (XSS)."
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Micro Focus ArcSight Logger",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "v7.2.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Micro Focus"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Self Cross-Site Scripting"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.microfocus.com/support/downloads/",
                  "refsource": "MISC",
                  "url": "https://www.microfocus.com/support/downloads/"
                },
                {
                  "name": "https://portal.microfocus.com/s/article/KM000010167?language=en_US",
                  "refsource": "MISC",
                  "url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2  https://www.microfocus.com/support/downloads/"
              }
            ],
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2022-26331",
        "datePublished": "2022-08-31T15:52:37.000Z",
        "dateReserved": "2022-02-28T00:00:00.000Z",
        "dateUpdated": "2024-08-03T05:03:32.278Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-26330 (GCVE-0-2022-26330)

    Vulnerability from cvelistv5 – Published: 2022-08-31 15:52 – Updated: 2024-08-03 05:03
    VLAI
    Title
    Potential vulnerability has been identified in Micro Focus ArcSight Logger. The vulnerability could be remotely exploited resulting in Information Disclosure.
    Summary
    Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions.
    CWE
    • Information Disclosure
    Assigner
    References
    Impacted products
    Vendor Product Version
    Micro Focus Micro Focus ArcSight Logger Affected: unspecified , < v7.2.2 (custom)
    Create a notification for this product.
    Credits
    Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T05:03:31.777Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.microfocus.com/support/downloads/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Micro Focus ArcSight Logger",
              "vendor": "Micro Focus",
              "versions": [
                {
                  "lessThan": "v7.2.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-09-07T20:15:58.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.microfocus.com/support/downloads/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2  https://www.microfocus.com/support/downloads/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Potential vulnerability has been identified in Micro Focus ArcSight Logger. The vulnerability could be remotely exploited resulting in Information Disclosure.",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "ID": "CVE-2022-26330",
              "STATE": "PUBLIC",
              "TITLE": "Potential vulnerability has been identified in Micro Focus ArcSight Logger. The vulnerability could be remotely exploited resulting in Information Disclosure."
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Micro Focus ArcSight Logger",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "v7.2.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Micro Focus"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Micro Focus would like to give a special thanks to Michal Skowron for responsibly disclosing those vulnerabilities."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.microfocus.com/support/downloads/",
                  "refsource": "MISC",
                  "url": "https://www.microfocus.com/support/downloads/"
                },
                {
                  "name": "https://portal.microfocus.com/s/article/KM000010167?language=en_US",
                  "refsource": "MISC",
                  "url": "https://portal.microfocus.com/s/article/KM000010167?language=en_US"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Micro Focus has made the following mitigation information available to resolve the vulnerabilities for the impacted versions of ArcSight Logger:\n\u2022\tLogger 7.2.2  https://www.microfocus.com/support/downloads/"
              }
            ],
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2022-26330",
        "datePublished": "2022-08-31T15:52:15.000Z",
        "dateReserved": "2022-02-28T00:00:00.000Z",
        "dateUpdated": "2024-08-03T05:03:31.777Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }