Vulnerability Name:

CVE-2017-13988

Assigned:2017-08-30
Published:2017-09-29
Updated:2017-10-06
Summary:An improper access control vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows unauthorized users to alter the maximum size of storage groups and enable/disable the setting for the 'follow schedule' function.
CVSS v3 Severity:6.5 Medium (CVSS v3 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): High
Availibility (A): None
3.5 Low (CCN CVSS v3 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:4.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-284
References:Source: BID
Type: VENDOR_ADVISORY
100935

Source: CONFIRM
Type: UNKNOWN
https://softwaresupport.hpe.com/km/KM02944672

Vulnerable Configuration:Configuration 1:
  • cpe:/a:hp:arcsight_enterprise_security_manager:6.11.0:*:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager:6.5:sp1:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager:6.0c:*:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager:6.5c:sp1:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager:6.5c:*:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager:6.5:*:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager:6.8c:*:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager:6.9.0c:*:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager:6.9.1c:p1:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager:6.9.1c:p2:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager:6.9.1c:p3:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager:6.9.1c:*:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager:6.8:*:*:*:*:*:*:*

  • Configuration 2:
  • cpe:/a:hp:arcsight_enterprise_security_manager_express:6.11.0:*:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager_express:6.8:*:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager_express:6.8c:*:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager_express:6.5c:sp1:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager_express:6.5:sp1:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager_express:6.5:*:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager_express:6.5c:*:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager_express:6.0c:*:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager_express:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager_express:6.9.1c:p1:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager_express:6.9.1c:p2:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager_express:6.9.1c:p3:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager_express:6.9.1c:*:*:*:*:*:*:*
  • OR cpe:/a:hp:arcsight_enterprise_security_manager_express:6.9.0:*:*:*:*:*:*:*

  • Denotes that component is vulnerable
    BACK
    hp arcsight_enterprise_security_manager 6.11.0
    hp arcsight_enterprise_security_manager 6.5 sp1
    hp arcsight_enterprise_security_manager 6.0
    hp arcsight_enterprise_security_manager 6.0c
    hp arcsight_enterprise_security_manager 6.5c sp1
    hp arcsight_enterprise_security_manager 6.5c
    hp arcsight_enterprise_security_manager 6.5
    hp arcsight_enterprise_security_manager 6.8c
    hp arcsight_enterprise_security_manager 6.9.0c
    hp arcsight_enterprise_security_manager 6.9.1c p1
    hp arcsight_enterprise_security_manager 6.9.1c p2
    hp arcsight_enterprise_security_manager 6.9.1c p3
    hp arcsight_enterprise_security_manager 6.9.1c
    hp arcsight_enterprise_security_manager 6.8
    hp arcsight_enterprise_security_manager_express 6.11.0
    hp arcsight_enterprise_security_manager_express 6.8
    hp arcsight_enterprise_security_manager_express 6.8c
    hp arcsight_enterprise_security_manager_express 6.5c sp1
    hp arcsight_enterprise_security_manager_express 6.5 sp1
    hp arcsight_enterprise_security_manager_express 6.5
    hp arcsight_enterprise_security_manager_express 6.5c
    hp arcsight_enterprise_security_manager_express 6.0c
    hp arcsight_enterprise_security_manager_express 6.0
    hp arcsight_enterprise_security_manager_express 6.9.1c p1
    hp arcsight_enterprise_security_manager_express 6.9.1c p2
    hp arcsight_enterprise_security_manager_express 6.9.1c p3
    hp arcsight_enterprise_security_manager_express 6.9.1c
    hp arcsight_enterprise_security_manager_express 6.9.0