Vulnerability Details : CVE-2016-4378
The (1) Device Manager, (2) Tiered Storage Manager, (3) Replication Manager, (4) Replication Monitor, and (5) Hitachi Automation Director (HAD) components in HPE XP P9000 Command View Advanced Edition Software before 8.4.1-00 and XP7 Command View Advanced Edition Suite before 8.4.1-00 allow remote attackers to obtain sensitive information via unspecified vectors.
Vulnerability category: Information leak
Products affected by CVE-2016-4378
- cpe:2.3:a:hp:xp_9000_command_view:*:*:*:*:advanced:*:*:*
- cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-4378
0.19%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 55 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-4378
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2016-4378
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-4378
-
http://www.securitytracker.com/id/1036686
HP XP P9000 and XP7 Command View Advanced Edition Unspecified Flaw Lets Remote Users Obtain Potentially Sensitive Information on the Target System - SecurityTracker
-
http://www.securityfocus.com/bid/92649
Multiple HP Products CVE-2016-4378 Information Disclosure Vulnerability
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05241355
HPSBST03636 rev.2 - HP P9000, XP7 Command View Advanced Edition Suite (CVAE) including Device Manager, Tiered Storage Manager, Replication Manager, and Hitachi Automation Director (HAD), Remote DiscloVendor Advisory
Jump to