CVE-2024-9841

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)

Published: Nov 8, 2024 / Updated: 11d ago

CVSS: 7 | EPSS: 0.04% | Severity: High

Summary

A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Management Center and ArcSight Platform. The vulnerability could be remotely exploited.

Impact

This vulnerability allows an attacker to inject malicious scripts into web pages viewed by other users. When successful, it can lead to theft of sensitive information, session hijacking, or delivery of malware to unsuspecting users. The impact is heightened by the fact that it affects the ArcSight Management Center and ArcSight Platform, which are typically used in security operations environments. The CVSS v4 base score of 7.0 (High severity) indicates a significant risk, with the potential for high impact on system integrity, low impact on confidentiality and availability, and some impact on subsequent systems.

Exploitation

There is no evidence that a public proof-of-concept exists, and no evidence of exploitation in the wild at the moment.

Patch

The vulnerability data does not provide specific information about available patches. It's recommended to check with OpenText for the latest security updates for ArcSight Management Center and ArcSight Platform.

Mitigation

1. Apply any security patches or updates provided by OpenText for ArcSight Management Center and ArcSight Platform as soon as they become available.
2. Implement input validation and output encoding on the server-side to prevent XSS attacks.
3. Use Content Security Policy (CSP) headers to mitigate the risk of XSS attacks.
4. Educate users about the risks of clicking on untrusted links or interacting with suspicious content.
5. Consider implementing web application firewalls (WAF) to help detect and block XSS attempts.
6. Regularly scan and audit the ArcSight Management Center and ArcSight Platform for vulnerabilities.
7. Limit user privileges and access controls to minimize the potential impact of a successful attack.
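The two technical mitigations above (output encoding and a CSP header) are easy to get wrong in the details, so here is an added example, written for this page and not code from OpenText or the ArcSight products, that shows the CWE-79 defect next to its hardened form for a hypothetical search page that reflects a "q" parameter. The request, the page template, the function names and the nonce value are all constructed for the example; the check at the end is the kind of assertion a regression test for a reflected XSS fix would carry.

```python
import html
from urllib.parse import parse_qs

# Constructed sample request for a hypothetical search page that reflects "q".
# The value contains HTML metacharacters so the encoding difference is visible;
# it is a constructed test marker, not content from the advisory.
SAMPLE_QUERY = "q=%3Cb%3Ereport%3C%2Fb%3E%22"


def reflected_param(query_string: str, name: str = "q") -> str:
    """Return the first value of `name` from a URL query string ('' if absent)."""
    return parse_qs(query_string, keep_blank_values=True).get(name, [""])[0]


def render_vulnerable(user_value: str) -> str:
    """The CWE-79 defect class: the raw parameter is interpolated into HTML,
    both in element-body context and inside a quoted attribute."""
    return f'<p>Results for: {user_value}</p><input name="q" value="{user_value}">'


def render_hardened(user_value: str) -> str:
    """Mitigation 2: encode for the HTML context before the value reaches the page.
    quote=True also encodes " and ', which is what protects the attribute context."""
    safe = html.escape(user_value, quote=True)
    return f'<p>Results for: {safe}</p><input name="q" value="{safe}">'


def security_headers(nonce: str) -> dict:
    """Mitigation 3: a CSP that only executes scripts carrying this response's nonce,
    plus nosniff so a mis-typed response cannot be reinterpreted as script
    (the MIME-type-mismatch vector that CAPEC-209 describes). `nonce` must be
    generated fresh per response by the caller; a fixed nonce gives no protection."""
    return {
        "Content-Security-Policy": (
            f"default-src 'self'; script-src 'nonce-{nonce}'; "
            "object-src 'none'; base-uri 'self'"
        ),
        "X-Content-Type-Options": "nosniff",
    }


def is_reflected_unencoded(user_value: str, page_html: str) -> bool:
    """Regression check for a reflected-XSS fix: an input containing HTML
    metacharacters must never appear verbatim in the rendered page."""
    has_metachars = any(c in user_value for c in "<>\"'")
    return has_metachars and user_value in page_html


if __name__ == "__main__":
    value = reflected_param(SAMPLE_QUERY)
    print("vulnerable reflects raw input:", is_reflected_unencoded(value, render_vulnerable(value)))
    print("hardened reflects raw input:  ", is_reflected_unencoded(value, render_hardened(value)))
    print(security_headers("constructed-nonce"))
```

The check only covers the HTML element and attribute contexts the template uses; a value placed inside a script block, a URL, or inline CSS needs encoding for that context instead, and the CSP nonce is only effective when every legitimate inline script in the page carries it.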

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:H/VA:L/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Timeline

CVE Assignment: NVD published the first details for CVE-2024-9841. (Nov 8, 2024 at 6:15 PM)

CVSS: A CVSS base score of 7 has been assigned. (Nov 8, 2024 at 6:20 PM / nvd)

First Article: Feedly found the first article mentioning CVE-2024-9841. (Nov 8, 2024 at 6:21 PM / National Vulnerability Database)

CVSS Estimate: Feedly estimated the CVSS score as MEDIUM. (Nov 8, 2024 at 6:21 PM)

EPSS: EPSS Score was set to 0.04% (Percentile: 10%). (Nov 9, 2024 at 9:56 AM)

CVSS: A CVSS base score of 6.1 has been assigned. (Nov 13, 2024 at 7:35 PM / nvd)

Affected Systems

Microfocus/arcsight_management_center

Patches

portal.microfocus.com

Attack Patterns

CAPEC-209: XSS Using MIME Type Mismatch

News

NA - CVE-2024-9841 - A Reflected Cross-Site Scripting (XSS)...
A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Management Center and ArcSight Platform. The vulnerability could be remotely exploited.

CVE-2024-9841 | OpenText ArcSight Management Center/ArcSight Platform cross site scripting (KM000035977)
A vulnerability was found in OpenText ArcSight Management Center and ArcSight Platform. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-9841. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

CVE-2024-9841 - OpenText ArcSight Management Center and ArcSight Platform Reflected Cross-Site Scripting (XSS)
CVE ID: CVE-2024-9841. Published: Nov. 8, 2024, 6:15 p.m. Description: A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Management Center and ArcSight Platform. The vulnerability could be remotely exploited. Severity: 0.0

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Changed
Confidentiality: Low
Integrity: Low
Availability Impact: None
