Vulnerability Note VU#122054
HP ArcSight Connector Appliance XSS vulnerability
ArcSight Connector Appliance v220.127.116.11023.2, and possibly previous versions, contains a module which is vulnerable to cross site scripting (XSS).
An attacker with access to the ArcSight Connector Appliance can conduct a cross site scripting attack, which could be used to result in information leakage, privilege escalation, and/or denial of service.
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Hewlett-Packard Company||Affected||29 Apr 2011||28 Jun 2011|
CVSS Metrics (Learn More)
Thanks to Michael Rutkowski of Duer Advanced Technology and Aerospace, Inc (DATA) for reporting this vulnerability.
This document was written by Jared Allar.
- CVE IDs: CVE-2011-0770
- Date Public: 15 Jul 2011
- Date First Published: 15 Jul 2011
- Date Last Updated: 15 Jul 2011
- Severity Metric: 4.59
- Document Revision: 24
If you have feedback, comments, or additional information about this vulnerability, please send us email.