Vulnerability Description
Windows Event Log SmartConnector in HP ArcSight Connector Appliance before 6.1 uses world-writable permissions for exported report files, which allows local users to change or delete log data by modifying a file, a different vulnerability than CVE-2011-0770.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Windows Event Log Smartconnector | <= 6.0.0.60023.2 |
| Hp | Arcsight C1000 Appliance | All versions |
| Hp | Arcsight C1300 Appliance | All versions |
| Hp | Arcsight C3200 Appliance | All versions |
| Hp | Arcsight C3400 Appliance | All versions |
| Hp | Arcsight C5200 Appliance | All versions |
| Hp | Arcsight C5400 Appliance | All versions |
Related Weaknesses (CWE)
References
- http://www.kb.cert.org/vuls/id/122054US Government Resource
- https://exchange.xforce.ibmcloud.com/vulnerabilities/68855
- http://www.kb.cert.org/vuls/id/122054US Government Resource
- https://exchange.xforce.ibmcloud.com/vulnerabilities/68855
FAQ
What is CVE-2011-2779?
CVE-2011-2779 is a vulnerability with a CVSS score of 3.6 (LOW). Windows Event Log SmartConnector in HP ArcSight Connector Appliance before 6.1 uses world-writable permissions for exported report files, which allows local users to change or delete log data by modif...
How severe is CVE-2011-2779?
CVE-2011-2779 has been rated LOW with a CVSS base score of 3.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-2779?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Windows Event Log Smartconnector, Hp Arcsight C1000 Appliance, Hp Arcsight C1300 Appliance, Hp Arcsight C3200 Appliance, Hp Arcsight C3400 Appliance.