CVE-2024-4190 HIGH

CVE-2024-4190: OpenText ArcSight Logger Stored XSS

Vendor Opentext
Product ArcSight Logger
Weakness CWE-79 · XSS
Published June 11, 2024
Last update August 1, 2024

CVSS base score

8.4/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N

What the vulnerability does

01Description

Stored Cross-Site Scripting (XSS) vulnerabilities have been identified in OpenText ArcSight Logger. The vulnerabilities could be remotely exploited.

Key dates

02Disclosure timeline

June 11, 2024 CVE published
August 1, 2024 Record updated