CVE-2011-0770

medium HPE
CVSS v3 Base Score
4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS Score
1.3%
Exploitation probability in 30 days
Top 20% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
M
Confidentiality
None
Integrity
P
Availability
None
Published: July 19, 2011 (5413 days ago)
Last Modified: April 29, 2026
Vendor: HPE
Source: NVD

Description

Cross-site scripting (XSS) vulnerability in Windows Event Log SmartConnector in HP ArcSight Connector Appliance before 6.1 allows remote attackers to inject arbitrary web script or HTML via the Windows XP variable in a file.

CWE

CWE-79

Affected Products

hp windows event log smartconnectorhp arcsight c1000 appliancehp arcsight c1300 appliancehp arcsight c3200 appliancehp arcsight c3400 appliancehp arcsight c5200 appliancehp arcsight c5400 appliance

References

🔗 securitytracker.com 🔗 www.kb.cert.org 🔗 www.securityfocus.com 🔗 exchange.xforce.ibmcloud.com 🔗 securitytracker.com