CVE-2016-2021 — Deserialization of Untrusted Data in HP Systems Insight Manager

CWE-502 — Deserialization of Untrusted Data CWE-295 — Improper Certificate Validation31 documents18 sources

Severity

8.1HIGHNVD

EPSS

0.3%

top 49.02%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Matrix Operating Environment HP Systems Insight Manager

Timeline

PublishedJun 8

Latest updateJul 30

Description

HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2020, CVE-2016-2022, and CVE-2016-2030.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:NExploitability: 2.8 | Impact: 5.2

Affected Packages2 packages

▶NVDhp/systems_insight_manager7.5

▶NVDhp/matrix_operating_environment7.5

🔴Vulnerability Details

GHSA

GHSA-492h-x276-h4v7: HPE Systems Insight Manager (SIM) before 7↗2022-05-17

▶

CVEList

CVE-2016-2021: HPE Systems Insight Manager (SIM) before 7↗2016-06-08

▶

💥Exploits & PoCs

Metasploit

Microsoft Exchange ProxyLogon Collector↗

▶

🔍Detection Rules

Elastic

Microsoft Exchange Server UM Spawning Suspicious Processes↗

▶

📋Vendor Advisories

Oracle

Oracle Oracle Insurance Applications Risk Matrix: Development tools (Apache Commons FileUpload) — CVE-2016-1000031↗2021-10-15

▶

Red Hat

7: Incomplete fix of CVE-2016-4978 in HornetQ library↗2021-10-05

▶

Red Hat

libzapojit: missing TLS certificate verification↗2021-08-22

▶

Drupal

Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2021-003↗2021-05-26

▶

Oracle

Oracle Oracle Siebel CRM Risk Matrix: UIF Open UI (jQuery UI) — CVE-2016-7103↗2021-04-15

▶

🕵️Threat Intelligence

Bleepingcomputer

UK govt links 2021 Electoral Commission breach to Exchange server↗2024-07-30

▶

Securelist

MysterySnail attacks with Windows zero-day↗2021-10-12

▶

Trendmicro

FormBook Adds Latest Office 365 0-Day Vulnerability CVE-2021-40444 to Its Arsenal↗2021-09-29

▶