CVE-2016-2029

CWE-20 — Improper Input Validation5 documents5 sources

Severity

9.1CRITICAL

EPSS

1.3%

top 20.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Matrix Operating Environment HP Systems Insight Manager

Timeline

PublishedJun 8

Latest updateMay 17

Description

HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-4358.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 3.9 | Impact: 5.2

Affected Packages2 packages

▶NVDhp/matrix_operating_environment7.5

▶NVDhp/systems_insight_manager7.5

🔴Vulnerability Details

GHSA

GHSA-4wv5-vfv3-96c7: HPE Matrix Operating Environment before 7↗2022-05-17

▶

CVEList

CVE-2016-2029: HPE Matrix Operating Environment before 7↗2016-06-08

▶

📋Vendor Advisories

Red Hat

openssh: Out of sequence NEWKEYS message can allow remote attacker to cause denial of service↗2018-01-24

▶