This script is Copyright (C) 2016 Tenable Network Security, Inc.
The application installed on the remote host is affected by multiple
The version of HP ArcSight Logger installed on the remote host is
prior to 6.1P1. It is, therefore, affected by multiple vulnerabilities
in the Intellicus and client-certificate upload components due to
improper validation of user-supplied input. A remote attacker can
exploit these to bypass security restrictions, resulting in the
uploading or deletion of files or the execution of arbitrary code.
See also :
Upgrade to HP ArcSight Logger version 6.1P1 or later.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 5.5
Public Exploit Available : false