HP ArcSight ESM < 5.6 / 6.0 / 6.5c SP1 P2 / 6.8c Multiple Vulnerabilities

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

A security management system installed on the remote host is affected
by multiple vulnerabilities.

Description :

According to its self-reported version number, the version of HP
ArcSight Enterprise Security Manager (ESM) installed on the remote
host is prior to 5.6, 6.0, 6.5.1.1845.0 (6.5c SP1 P2), or 6.8.0.1896
(6.8c). It is, therefore, affected by multiple vulnerabilities :

- An unspecified flaw exists that allows a local attacker
  to execute arbitrary commands. (CVE-2016-1990)

- An unspecified flaw exists that allows an authenticated,
  remote attacker to upload arbitrary files. (CVE-2016-1991)

See also :

http://www.nessus.org/u?0aab6435

Solution :

Upgrade to HP ArcSight ESM version 5.6, 6.0, 6.5.1.1845.0 (6.5c SP1
P2), 6.8.0.1896 (6.8c), or later.

Risk factor :

Medium / CVSS Base Score : 6.5
(CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P)
CVSS Temporal Score : 5.4
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 90313

CVE ID: CVE-2016-1990, CVE-2016-1991
