CVE-2016-4394

CWE-2543 documents3 sources

Severity

6.5MEDIUM

EPSS

0.5%

top 34.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP System Management Homepage HPE HPE System Management Homepage Before V7.6

Timeline

PublishedOct 28

Latest updateMay 17

Description

HPE System Management Homepage before v7.6 allows remote attackers to obtain sensitive information via unspecified vectors, related to an "HSTS" issue.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:LExploitability: 3.9 | Impact: 2.5

Affected Packages2 packages

▶CVEListV5hpe/hpe_system_management_homepage_before_v7.6HPE System Management Homepage before v7.6

▶NVDhp/system_management_homepage7.5.5.0

🔴Vulnerability Details

GHSA

GHSA-jrxr-w99j-7ghc: HPE System Management Homepage before v7↗2022-05-17

▶

CVEList

CVE-2016-4394: HPE System Management Homepage before v7↗2016-10-28

▶