CVE-2015-2903

Medium CVSS 6.9

Overview

The CWSAPI SOAP service in HP ArcSight SmartConnectors before 7.1.6 has a hardcoded password, which makes it easier for remote attackers to obtain administrative access by leveraging knowledge of this password.

CWE: N/A Published: 2015-11-04T03:59:02.040

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 6.9 (MEDIUM)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags