CVE-2014-7884

HP ArcSight Logger <6.0P1 - Unspecified Vuln

Title source: llm
Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-7884. PoCs published by Horoszkiewicz Julian ISP_.

AI-analyzed exploit summary: This exploit demonstrates an arbitrary file upload vulnerability in ArcSight Logger, allowing authenticated users to upload a JSP web shell to the document root via path traversal. The PoC includes two HTTP requests to create a subdirectory and upload the shell, enabling remote command execution.

Description

Multiple unspecified vulnerabilities in HP ArcSight Logger before 6.0P1 have unknown impact and remote authenticated attack vectors.

Exploits (1)

exploitdb WORKING POC
by Horoszkiewicz Julian ISP_ · text · remote · linux
https://www.exploit-db.com/exploits/36370

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: ArcSight Logger 5.3.1.6838.0 and prior versions
Auth required
Prerequisites: Authenticated session (valid tokens: asf_token, session_string, JSESSIONID) · Access to the Configuration->Content Management->Import section
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/868948
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1031921

Scores

EPSS 0.1170
EPSS Percentile 95.5%

Details

Status published
Products (1)
hp/arcsight_logger 6.0
Published Mar 14, 2015
Tracked Since Feb 18, 2026