Vulnerability Details : CVE-2016-2020
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2021, CVE-2016-2022, and CVE-2016-2030.
Exploit prediction scoring system (EPSS) score for CVE-2016-2020
Probability of exploitation activity in the next 30 days: 0.10%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 42 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2016-2020
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
8.5
|
HIGH | AV:N/AC:L/Au:S/C:C/I:C/A:N |
8.0
|
9.2
|
NIST |
8.1
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
2.8
|
5.2
|
NIST |
References for CVE-2016-2020
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888
HPSBMU03611 rev.2 - HPE Matrix Operating Environment on Windows and Linux, Multiple Remote VulnerabilitiesMitigation;Vendor Advisory
-
https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05131085
HPSBMU03590 rev.3 - HPE Systems Insight Manager (SIM), Multiple Remote VulnerabilitiesVendor Advisory
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
HPSBMU03612 rev.2 - HPE Insight Control on Windows and Linux, Multiple Remote VulnerabilitiesMitigation;Vendor Advisory
Products affected by CVE-2016-2020
- cpe:2.3:a:hp:systems_insight_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:hp:matrix_operating_environment:*:*:*:*:*:*:*:*