CVE-2020-11838: XSS
First published: Tue Jun 16 2020(Updated: )
Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure.
Credit: security@microfocus.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microfocus Arcsight Management Center | >=2.7.0<2.9.4 | |
| Microfocus Arcsight Management Center | =2.6.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-11838?
The severity of CVE-2020-11838 is medium with a CVSS score of 5.4.
What is the affected software for CVE-2020-11838?
The affected software for CVE-2020-11838 is Micro Focus ArcSight Management Center versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4.
How can CVE-2020-11838 be exploited?
CVE-2020-11838 can be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure.
How can I fix CVE-2020-11838?
To fix CVE-2020-11838, update to version 2.9.4 of Micro Focus ArcSight Management Center.
What is the Common Weakness Enumeration (CWE) for CVE-2020-11838?
The Common Weakness Enumeration (CWE) for CVE-2020-11838 is CWE-79.
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/microfocus
- canonical/microfocus arcsight management center
- version/microfocus arcsight management center/2.7.0
- version/microfocus arcsight management center/2.6.1