CVE-2024-3482

Summary

A Stored Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Enterprise Security Manager and ArcSight Platform. The vulnerability could be remotely exploited.

Affected Software

VendorProductVersion RangeStatus
OpenTextArcSight Enterprise Security Manager0 < 7.6.6affected
OpenTextArcSight Enterprise Security Manager7.7.0 < 7.7.1affected
OpenTextArcSight Platform24.1.0 < 24.1.3affected

Weaknesses

  • CWE-79: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References