Skip to main content

Xp7 Command View CVE-2016-4381

MEDIUM
Permissions, Privileges, and Access Controls (CWE-264)
2016-09-08 cve@mitre.org
4.5
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
4.5 MEDIUM
AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
Attack Vector
Local
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low

Lifecycle Timeline

1
CVE Published
Sep 08, 2016 - 16:59 cve.org
MEDIUM 4.5

DescriptionCVE.org

HPE XP7 Command View Advanced Edition (CVAE) Suite 6.x through 8.x before 8.4.1-02, when Replication Manager (RepMgr) and Device Manager (DevMgr) are enabled, allows local users to bypass intended access restrictions via unspecified vectors.

AnalysisAI

HPE XP7 Command View Advanced Edition (CVAE) Suite 6.x through 8.x before 8.4.1-02, when Replication Manager (RepMgr) and Device Manager (DevMgr) are enabled, allows local users to bypass intended. Rated medium severity (CVSS 4.5), this vulnerability is no authentication required.

Technical ContextAI

This vulnerability is classified under CWE-264. HPE XP7 Command View Advanced Edition (CVAE) Suite 6.x through 8.x before 8.4.1-02, when Replication Manager (RepMgr) and Device Manager (DevMgr) are enabled, allows local users to bypass intended access restrictions via unspecified vectors. Affected products include: Hp Xp7 Command View. Version information: through 8..

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2019-7317 MEDIUM POC
5.3 Feb 04

png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called und

CVE-2018-3183 CRITICAL
9.0 Oct 17

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Scripting). Rated cri

CVE-2018-3169 HIGH
8.3 Oct 17

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Rated high severity

CVE-2018-3149 HIGH
8.3 Oct 17

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Rated high sev

CVE-2018-2814 HIGH
8.3 Apr 19

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Rated high severity

CVE-2018-2633 HIGH
8.3 Jan 18

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Rated high sev

CVE-2019-2698 HIGH POC
8.1 Apr 23

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Rated high severity (CVSS 8.1), this vulner

CVE-2019-2697 HIGH POC
8.1 Apr 23

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Rated high severity (CVSS 8.1), this vulner

CVE-2018-2794 HIGH
7.7 Apr 19

Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Rated high severity (CVSS 7.

CVE-2016-4378 HIGH
7.5 Aug 26

The (1) Device Manager, (2) Tiered Storage Manager, (3) Replication Manager, (4) Replication Monitor, and (5) Hitachi Au

CVE-2019-2602 HIGH
7.5 Apr 23

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Rated high severit

CVE-2018-2783 HIGH
7.4 Apr 19

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Rated high

Share

CVE-2016-4381 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy