Vulnerability CVE-2016-4377
Published: 2016-08-22

Description:
HPE Smart Update in Storage Sizing Tool before 13.0, Converged Infrastructure Solution Sizer Suite (CISSS) before 2.13.1, Power Advisor before 7.8.2, Insight Management Sizer before 16.12.1, Synergy Planning Tool before 3.3, SAP Sizing Tool before 16.12.1, Sizing Tool for SAP Business Suite powered by HANA before 16.11.1, Sizer for ConvergedSystems Virtualization before 16.7.1, Sizer for Microsoft Exchange Server before 16.12.1, Sizer for Microsoft Lync Server 2013 before 16.12.1, Sizer for Microsoft SharePoint 2013 before 16.13.1, Sizer for Microsoft SharePoint 2010 before 16.11.1, and Sizer for Microsoft Skype for Business Server 2015 before 16.5.1 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS2 => (AV:N/AC:H/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.6/10
10/10
4.9/10
Exploit range
Attack complexity
Authentication
Remote
High
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
HP -> Converged infrastructure solution sizer suite 
HP -> Insight management sizer 
HP -> Power advisor 
HP -> Sap sizing tool 
HP -> Sizer for converged systems virtualization 
HP -> Sizer for microsoft exchange server 2010 
HP -> Sizer for microsoft exchange server 2013 
HP -> Sizer for microsoft exchange server 2016 
HP -> Sizer for microsoft lync server 2013 
HP -> Sizer for microsoft sharepoint 2010 
HP -> Sizer for microsoft sharepoint 2013 
HP -> Sizer for microsoft skype for business server 2015 
HP -> Sizing tool for sap business suite powered by hana 
HP -> Storage sizing tool 
HP -> Synergy planning tool 

 References:
https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05237578
Copyright 2024, cxsecurity.com

 

Back to Top