CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-4373

The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.018

EPSS Ranking 82.1%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

http://www.securityfocus.com/bid/92122
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05206507
http://www.securityfocus.com/bid/92122
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05206507

Products affected by CVE-2016-4373

Hp » Operations Manager » Version: 9.20.0

cpe:2.3:a:hp:operations_manager:9.20.0
Hp » Operations Manager » Version: 9.21

cpe:2.3:a:hp:operations_manager:9.21
Hp » Operations Manager » Version: 9.21.120

cpe:2.3:a:hp:operations_manager:9.21.120

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-4373

Products

Pricing

Contact Us