Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

arcsight_smartconnectors

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

2
Related CVEsRelated VendorsRelated AssignersReports
2Vulnerabilities found
CVE-2015-2902
Assigner-CERT/CC
ShareView Details
Assigner-CERT/CC
CVSS Score-6.8||MEDIUM
EPSS-0.95% / 75.42%
||
7 Day CHG~0.00%
Published-04 Nov, 2015 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP ArcSight SmartConnectors before 7.1.6 do not verify X.509 certificates from Logger devices, which allows man-in-the-middle attackers to spoof devices and obtain sensitive information via a crafted certificate.

Action-Not Available
Vendor-n/aHP Inc.
Product-arcsight_smartconnectorsn/a
CVE-2015-2903
Assigner-CERT/CC
ShareView Details
Assigner-CERT/CC
CVSS Score-6.9||MEDIUM
EPSS-3.21% / 86.54%
||
7 Day CHG~0.00%
Published-04 Nov, 2015 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The CWSAPI SOAP service in HP ArcSight SmartConnectors before 7.1.6 has a hardcoded password, which makes it easier for remote attackers to obtain administrative access by leveraging knowledge of this password.

Action-Not Available
Vendor-n/aHP Inc.
Product-arcsight_smartconnectorsn/a