CVE-2016-4376 : HPE FOS before 7.4.1d and 8.x before 8.0.1 on StoreFabric B switches allows remo

HPE FOS before 7.4.1d and 8.x before 8.0.1 on StoreFabric B switches allows remote attackers to obtain sensitive information via unspecified vectors.

Published 2016-08-22 10:59:06

Updated 2021-06-22 15:20:10

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2016-4376

Broadcom » Fabric Operating System
Versions up to, including, (<=) 7.4.1
cpe:2.3:o:broadcom:fabric_operating_system:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » Storefabric B Series Switch » Version: N/A
Broadcom » Fabric Operating System » Version: 8.0.0
cpe:2.3:o:broadcom:fabric_operating_system:8.0.0:*:*:*:*:*:*:*
Matching versions
When used together with: HP » Storefabric B Series Switch » Version: N/A

EPSS FAQ

0.32%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 70 %

Percentile, the proportion of vulnerabilities that are scored at or less

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.8	HIGH	AV:N/AC:L/Au:N/C:C/I:N/A:N	10.0	6.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: None Availability Impact: None
6.5	MEDIUM	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N	2.8	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: None Availability: None

http://www.securityfocus.com/bid/92480

HP StoreFabric B-series Switches CVE-2016-4376 Unspecified Information Disclosure Vulnerability
https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05236212

HPSBST03629 rev.1 - HP StoreFabric B-series Switches, Remote Disclosure of Privileged Information
Patch;Vendor Advisory

Jump to