CVE-2016-4398

CWE-502Deserialization of Untrusted Data3 documents3 sources
Severity
8.8HIGH
EPSS
15.3%
top 5.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Hewlett Packard Enterprise HP Network Node Manager (nnmi)HP Network Node Manager I
Timeline
PublishedAug 6
Latest updateMay 14

Description

A remote arbitrary code execution vulnerability was identified in HP Network Node Manager i (NNMi) Software 10.00, 10.01 (patch1), 10.01 (patch 2), 10.10 using Java Deserialization.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5hewlett_packard_enterprise/hp_network_node_manager_(nnmi)10.00, 10.01 (patch1), 10.01 (patch 2), 10.10
NVDhp/network_node_manager_i10.00, 10.01, 10.10+2

🔴Vulnerability Details

2
GHSA
GHSA-68pp-pqvq-w6jg: A remote arbitrary code execution vulnerability was identified in HP Network Node Manager i (NNMi) Software 102022-05-14
CVEList
CVE-2016-4398: A remote arbitrary code execution vulnerability was identified in HP Network Node Manager i (NNMi) Software 102018-08-06
CVE-2016-4398 (HIGH CVSS 8.8) | A remote arbitrary code execution v | cvebase.io