CVE-2017-14356

Summary

An SQL Injection vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited remotely to allow SQL injection.

Affected Software

VendorProductVersion RangeStatus
Micro FocusHP ArcSight ESMAny 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1affected
Micro FocusHP ArcSight ESM ExpressAny 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1affected

Weaknesses

  • SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References