CVE-2024-3482

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published May 20, 2024

CWE ID 862

Summary

CVE-2024-3482 is a stored Cross-Site Scripting (XSS) vulnerability affecting OpenText ArcSight Enterprise Security Manager and ArcSight Platform. An attacker can exploit this weakness to inject malicious scripts into a targeted user's web browser session, potentially stealing sensitive data or gaining unauthorized access. The vulnerability can be remotely triggered, posing a significant risk to organizations using these products. It is important for users to apply the necessary patches or updates as soon as they become available to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/v1-zOa
https://www.cve.org/CVERecord?id=CVE-2024-3482
https://nvd.nist.gov/vuln/detail/CVE-2024-3482

Back to Vulnerability Database

CVE-2024-3482

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations