CVE-2017-14356

high-risk

Published 2017-10-31

An SQL Injection vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited remotely to allow SQL injection.

Do I need to act?

-

0.53% chance of exploitation

EPSS score — low exploit probability

-

Not on CISA KEV list

No confirmed active exploitation reported to CISA

?

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

9

CVSS 9.8/10 Critical

NETWORK / LOW complexity

Affected Products (20)

Arcsight Enterprise Security Manager

Arcsight Enterprise Security Manager

Arcsight Enterprise Security Manager

Arcsight Enterprise Security Manager

Arcsight Enterprise Security Manager

Arcsight Enterprise Security Manager

Arcsight Enterprise Security Manager Express

Arcsight Enterprise Security Manager Express

Arcsight Enterprise Security Manager Express

Arcsight Enterprise Security Manager Express

Arcsight Enterprise Security Manager Express

Arcsight Enterprise Security Manager Express

Arcsight Enterprise Security Manager Express

Arcsight Enterprise Security Manager Express

Arcsight Enterprise Security Manager

Arcsight Enterprise Security Manager

Arcsight Enterprise Security Manager

Arcsight Enterprise Security Manager

Arcsight Enterprise Security Manager

Arcsight Enterprise Security Manager

Affected Vendors

Hp

References (6)

http://www.securityfocus.com/bid/101627

https://softwaresupport.hpe.com/km/KM02996760

https://www.auscert.org.au/bulletins/54166

http://www.securityfocus.com/bid/101627

https://softwaresupport.hpe.com/km/KM02996760

https://www.auscert.org.au/bulletins/54166

56

/ 100

high-risk

Severity 32/34 · Critical

Exploitability 2/34 · Minimal

Exposure 22/34 · High