Windows Event Log SmartConnector in HP ArcSight Connector Appliance prior to 6.1 uses world-writable permissions for exported report files, which allows local users to change or delete log data by modifying a file, a different vulnerability than CVE-2011-0770.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hp windows event log smartconnector |
||
hp arcsight c1300 appliance |
||
hp arcsight c3400 appliance |
||
hp arcsight c1000 appliance |
||
hp arcsight c3200 appliance |
||
hp arcsight c5400 appliance |
||
hp arcsight c5200 appliance |