Microfocus Arcsight Logger vulnerabilities

CVE-2023-24470 [CRITICAL] CWE-611 CVE-2023-24470: Potential XML External Entity Injection in ArcSight Logger versions prior to 7.3.0. Potential XML External Entity Injection in ArcSight Logger versions prior to 7.3.0.

CVE-2023-24469 [MEDIUM] CWE-79 CVE-2023-24469: Potential Cross-Site Scripting in ArcSight Logger versions prior to 7.3.0 Potential Cross-Site Scripting in ArcSight Logger versions prior to 7.3.0

CVE-2022-26330 [HIGH] CVE-2022-26330: Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities c Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions.

CVE-2022-26331 [MEDIUM] CWE-79 CVE-2022-26331: Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities c Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions.

CVE-2020-11851 [CRITICAL] CWE-94 CVE-2020-11851: Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in the execution of arbitrary code.

CVE-2020-25834 [MEDIUM] CWE-79 CVE-2020-25834: Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting version 7.1. Th Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting version 7.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS).

CVE-2020-11860 [MEDIUM] CWE-79 CVE-2020-11860: Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version pri Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS)

CVE-2020-11839 [MEDIUM] CWE-79 CVE-2020-11839: Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Logger product, affecting all versi Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Logger product, affecting all version from 6.6.1 up to version 7.0.1. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure.

CVE-2019-11657 [HIGH] CWE-352 CVE-2019-11657: Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product ve Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product versions below version 7.0. The vulnerability could be exploited to perform CSRF attack.