CVE-2016-1992 (enterprise_security_manager, enterprise_security_manager_express)
HPE ArcSight ESM before 6.8c, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to obtain sensitive information via unspecified vectors.
Source: CVE-2016-1992 (enterprise_security_manager, enterprise_security_manager_express)