HP ArcSight Logger < 6.1P1 Multiple Vulnerabilities
High Nessus Plugin ID 88843
SynopsisThe application installed on the remote host is affected by multiple vulnerabilities.
DescriptionThe version of HP ArcSight Logger installed on the remote host is prior to 6.1P1. It is, therefore, affected by multiple vulnerabilities in the Intellicus and client-certificate upload components due to improper validation of user-supplied input. A remote attacker can exploit these to bypass security restrictions, resulting in the uploading or deletion of files or the execution of arbitrary code.
SolutionUpgrade to HP ArcSight Logger version 6.1P1 or later.