CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-1999

The server in HP Release Control 9.13, 9.20, and 9.21 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.032

EPSS Ranking 86.4%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

http://www.securityfocus.com/bid/90778
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05063986
http://www.securityfocus.com/bid/90778
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05063986

Products affected by CVE-2016-1999

Hp » Release Control » Version: 9.13

cpe:2.3:a:hp:release_control:9.13
Hp » Release Control » Version: 9.20

cpe:2.3:a:hp:release_control:9.20
Hp » Release Control » Version: 9.21

cpe:2.3:a:hp:release_control:9.21

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-1999

Products

Pricing

Contact Us