World-writable permissions for exported report files in HP ArcSight Connector Appliance before 6.1

CVE-2011-2779 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:P

Windows Event Log SmartConnector in HP ArcSight Connector Appliance before 6.1 uses world-writable permissions for exported report files, which allows local users to change or delete log data by modifying a file, a different vulnerability than CVE-2011-0770.

Learn more about our User Device Pen Test.