CVE-2016-4385
Published Sep 29, 2016
Last updated 7 years ago
Overview
- Description
- The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) and Commons BeanUtils libraries.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 7.3
- Impact score
- 3.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-502
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:network_automation:9.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB242214-2612-474E-96E2-DFD9CBE05454"
},
{
"criteria": "cpe:2.3:a:hp:network_automation:9.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AE3A3A47-D944-4FBC-BEA5-8FD304645328"
},
{
"criteria": "cpe:2.3:a:hp:network_automation:9.22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E055A9E2-C916-48D7-AF36-3A1CC397954E"
},
{
"criteria": "cpe:2.3:a:hp:network_automation:9.22.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "16984B5D-5FC7-45B8-8B07-63930B1DA0FB"
},
{
"criteria": "cpe:2.3:a:hp:network_automation:9.22.02:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5FE3CCA6-5D24-4B84-960A-83A70E8AFA4B"
},
{
"criteria": "cpe:2.3:a:hp:network_automation:10.00:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6C74FE8A-030D-4C47-AE1F-2DC84C2D55BF"
},
{
"criteria": "cpe:2.3:a:hp:network_automation:10.00.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EB416A81-70B4-4FAC-B636-69F0A51CE5D3"
},
{
"criteria": "cpe:2.3:a:hp:network_automation:10.00.02:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A05254E3-3015-4CA0-8E3A-A2FFF8664CC0"
},
{
"criteria": "cpe:2.3:a:hp:network_automation:10.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A6CA263E-3137-4B14-81B1-CA3DF5AAD845"
},
{
"criteria": "cpe:2.3:a:hp:network_automation:10.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "27A3AA40-2F05-4802-95A2-CCB57D9B1B62"
}
],
"operator": "OR"
}
]
}
]