cpe:/a:hp:arcsight_enterprise_security_manager:6.0 cpe:/a:hp:arcsight_enterprise_security_manager:6.0c cpe:/a:hp:arcsight_enterprise_security_manager:6.5 cpe:/a:hp:arcsight_enterprise_security_manager:6.5:sp1 cpe:/a:hp:arcsight_enterprise_security_manager:6.5c cpe:/a:hp:arcsight_enterprise_security_manager:6.5c:sp1 cpe:/a:hp:arcsight_enterprise_security_manager:6.8 cpe:/a:hp:arcsight_enterprise_security_manager:6.8c cpe:/a:hp:arcsight_enterprise_security_manager:6.9.0c cpe:/a:hp:arcsight_enterprise_security_manager:6.9.1c cpe:/a:hp:arcsight_enterprise_security_manager:6.9.1c:p1 cpe:/a:hp:arcsight_enterprise_security_manager:6.9.1c:p2 cpe:/a:hp:arcsight_enterprise_security_manager:6.9.1c:p3 cpe:/a:hp:arcsight_enterprise_security_manager:6.11.0 cpe:/a:hp:arcsight_enterprise_security_manager_express:6.0 cpe:/a:hp:arcsight_enterprise_security_manager_express:6.0c cpe:/a:hp:arcsight_enterprise_security_manager_express:6.5 cpe:/a:hp:arcsight_enterprise_security_manager_express:6.5:sp1 cpe:/a:hp:arcsight_enterprise_security_manager_express:6.5c cpe:/a:hp:arcsight_enterprise_security_manager_express:6.5c:sp1 cpe:/a:hp:arcsight_enterprise_security_manager_express:6.8 cpe:/a:hp:arcsight_enterprise_security_manager_express:6.8c cpe:/a:hp:arcsight_enterprise_security_manager_express:6.9.0 cpe:/a:hp:arcsight_enterprise_security_manager_express:6.9.1c cpe:/a:hp:arcsight_enterprise_security_manager_express:6.9.1c:p1 cpe:/a:hp:arcsight_enterprise_security_manager_express:6.9.1c:p2 cpe:/a:hp:arcsight_enterprise_security_manager_express:6.9.1c:p3 cpe:/a:hp:arcsight_enterprise_security_manager_express:6.11.0 CVE-2017-13990 2017-09-29T21:29:01.350-04:00 2017-10-05T14:44:28.577-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2017-10-05T14:06:49.217-04:00 BID 100935 CONFIRM https://softwaresupport.hpe.com/km/KM02944672 An information leakage vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows disclosure of Apache Tomcat application server version.