CVE-2016-8529

EPSS 2.17%
Published 15.02.2018 22:29:01
Last modified 21.11.2024 02:59:33
Source security-alert@hpe.com
Teams watchlist Login
Open Login

A Remote Arbitrary Command Execution vulnerability in HPE StoreVirtual 4000 Storage and StoreVirtual VSA Software running LeftHand OS version v12.5 and earlier was found. The problem was resolved in LeftHand OS v12.6 or any subsequent version.

Affected products Warnungen 0 Metrics 3 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Hp ≫ Lefthand Version <= 12.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	2.17%	0.829

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.6	2.8	4.7	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
nvd@nist.gov	7.3	6.5	8.5	AV:A/AC:L/Au:N/C:P/I:P/A:C

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

http://www.securityfocus.com/bid/95970

Third Party Advisory

VDB Entry

http://www.securitytracker.com/id/1037762

Third Party Advisory

VDB Entry

https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382958

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2016-8529

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-8529

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-8529

EUVD