Vulnerability Note VU#960468
HP Arcsight Logger and Connector appliances cross-site scripting vulnerability
HP's Arcsight Connector appliance v18.104.22.16844.0 and Arcsight Logger appliance v22.214.171.12488.0 (and possibly other versions) contain a file import facility which is vulnerable to cross-site scripting (XSS).
A remote attacker may, by luring a user into importing a malicious host file, be able to disclose sensitive information, steal user cookies, or escalate privileges.
The vendor's HPSBMU02836 SSRT101056 security advisory states: HP has provided HP ArcSight Connector Appliance v6.4 and HP ArcSight Logger v5.3 to resolve these issues. Please contact HP support to receive updates.
Do not import host file from untrusted sources
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Hewlett-Packard Company||Affected||02 May 2012||15 Feb 2013|
CVSS Metrics (Learn More)
Thanks to Michael Rutkowski of Duer Advanced Technology and Aerospace, Inc (DATA) for reporting this vulnerability.
This document was written by Michael Orlando.
- CVE IDs: CVE-2012-2960
- Date Public: 06 Aug 2012
- Date First Published: 06 Aug 2012
- Date Last Updated: 15 Feb 2013
- Document Revision: 13
If you have feedback, comments, or additional information about this vulnerability, please send us email.