CVE-2024-2834

Summary

A Stored Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Management Center and ArcSight Platform. The vulnerability could be remotely exploited.

Affected Software

VendorProductVersion RangeStatus
OpenTextArcSight Management Center0 < 3.2.2 P1affected
OpenTextArcSight Management Center3.2.3 < 3.2.3 P1affected
OpenTextArcSight Platform0 < 23.3.2affected
OpenTextArcSight Platform24.1.0 < 24.1.2affected

Weaknesses

  • CWE-79: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References