cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2017-13991,https://securityvulnerability.io/vulnerability/CVE-2017-13991,,"An information leakage vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows disclosure of product license features.",HP,Arcsight Enterprise Security Manager,5.3,MEDIUM,0.0007399999885819852,false,,false,false,false,,,false,false,,2017-09-30T01:29:00.000Z,0
CVE-2017-13990,https://securityvulnerability.io/vulnerability/CVE-2017-13990,,"An information leakage vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows disclosure of Apache Tomcat application server version.",HP,Arcsight Enterprise Security Manager,5.3,MEDIUM,0.0007399999885819852,false,,false,false,false,,,false,false,,2017-09-30T01:29:00.000Z,0
CVE-2017-13986,https://securityvulnerability.io/vulnerability/CVE-2017-13986,,"A reflected Cross-Site Scripting(XSS) vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows for unintended information when a specific URL is sent to the system.",HP,Arcsight Enterprise Security Manager,6.1,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2017-09-30T01:29:00.000Z,0
CVE-2017-13987,https://securityvulnerability.io/vulnerability/CVE-2017-13987,,"An insufficient access control vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows an unauthorized user to download log files.",HP,Arcsight Enterprise Security Manager,6.5,MEDIUM,0.0006000000284984708,false,,false,false,false,,,false,false,,2017-09-30T01:29:00.000Z,0
CVE-2017-13988,https://securityvulnerability.io/vulnerability/CVE-2017-13988,,"An improper access control vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows unauthorized users to alter the maximum size of storage groups and enable/disable the setting for the 'follow schedule' function.",HP,Arcsight Enterprise Security Manager,6.5,MEDIUM,0.0005300000193528831,false,,false,false,false,,,false,false,,2017-09-30T01:29:00.000Z,0
CVE-2017-13989,https://securityvulnerability.io/vulnerability/CVE-2017-13989,,"An improper access control vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows unauthorized users to retrieve or modify storage information.",HP,Arcsight Enterprise Security Manager,8.1,HIGH,0.0006000000284984708,false,,false,false,false,,,false,false,,2017-09-30T01:29:00.000Z,0