Vulnerability Details CVE-2016-1997
HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.026
EPSS Ranking 85.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2016-1997
-
cpe:2.3:a:hp:operations_orchestration:10.0
-
cpe:2.3:a:hp:operations_orchestration:10.01
-
cpe:2.3:a:hp:operations_orchestration:10.02
-
cpe:2.3:a:hp:operations_orchestration:10.10
-
cpe:2.3:a:hp:operations_orchestration:10.20
-
cpe:2.3:a:hp:operations_orchestration:10.21
-
cpe:2.3:a:hp:operations_orchestration:10.22
-
cpe:2.3:a:hp:operations_orchestration:10.22.1
-
cpe:2.3:a:hp:operations_orchestration:10.50
-
cpe:2.3:a:hp:operations_orchestration_content:1.5.3