Vulnerability Details CVE-2016-1998
HPE Service Manager (SM) 9.3x before 9.35 P4 and 9.4x before 9.41.P2 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 81.1%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2016-1998
-
cpe:2.3:a:hp:service_manager:9.30
-
cpe:2.3:a:hp:service_manager:9.31
-
cpe:2.3:a:hp:service_manager:9.32
-
cpe:2.3:a:hp:service_manager:9.33
-
cpe:2.3:a:hp:service_manager:9.34
-
cpe:2.3:a:hp:service_manager:9.35
-
cpe:2.3:a:hp:service_manager:9.40
-
cpe:2.3:a:hp:service_manager:9.41